 

#  Fraudulent Activity by Persons Impersonating Harvard Affiliates 

 





September 04, 2025

 

 

Please be aware of fraudulent Harvard purchase orders or requests that have been sent to external vendors, often with forged attachments. The purchase orders or requests fraudulently represent that they are coming from “Harvard Procurement” staff and often are inquiring about the purchase of branded marketing items (backpacks, water bottles, etc.) or asking vendors for sensitive tax information. While vendors have been reaching out to Harvard contacts to verify the legitimacy of orders, some vendors have experienced losses because of the scheme. Particularly with the onset of Artificial Intelligence, the risk of fraud by persons impersonating Harvard affiliates continues to rise. This can take on several forms:

- Fraudulent Harvard purchase orders or requests
- Fraudulent requests to change remittance or direct deposit instructions
- Fraudulent requests to change transfer of funds requests
- Compromised account of a <user@harvard.edu>
- Deep-fake voice message or even video message
- Sophisticated spear-phishing message
- Additional types of Business Email compromise/Email Account (BEC/EAC schemes)

## Examples 

Fraudulent requests/emails could come from domains similar but not limited to @harvard-edu.net, @harvard-educ.com, @harvardd-edu.com, @harvardcollege-edu.com, harvard-edu @financier.com, or [harvard\_eduinfo@aol.com](mailto:harvard_eduinfo@aol.com).

**Valid Harvard email addresses always end in ‘harvard.edu’ or ‘hbs.edu’. (e.g. john\_harvard @harvard.edu or jharvard @fas.harvard.edu)**

Whether you are a vendor or a member of the Harvard community, you must exercise extreme vigilance to protect yourself, the University, and others from falling prey to these schemes, sometimes with very large financial consequences.

If you suspect that a request is fraudulent or need help in validating the legitimacy of a request, please contact <RMAS-FraudAlert@harvard.edu>.

## Tips for Fraud Prevention

### For Vendors:

- Always ensure that a purchase request has come from a legitimate Harvard staff member who is authorized to make such a purchase or request.
- If the request is unexpected, confirm the legitimacy by calling the school, department, lab, or center’s administration using a published contact number.
- If you have been the victim of fraudulent activity, contact your local law enforcement authority.

### For members of the Harvard community: 

- If you are asked to confirm an unfamiliar or unexpected Harvard purchase request, ensure that the request is legitimate by contacting the originating department and verifying the purchase details.
- If you are asked to change (urgently or otherwise) the remit-to or banking details of any transaction via any communication medium (voice call or message, video call or message, email, instant message, etc.), do not do so until you can confirm beyond a reasonable doubt that the request is legitimate.
- Never divulge personally identifiable information or credentials (e.g., social security, driver’s license or passport number, passwords or PINs, bank account or credit card numbers) in response to a request from an incoming message or call, or a call to an unfamiliar number or entity.
- Never transmit personally identifiable information or credentials in an unencrypted email or a fax.

## Additional Resources

Use these resources to help protect you and the University from fraudulent activity:

- Guidance and training from the[ Harvard University Information Security and Data Privacy](<https://privsec.harvard.edu >)
- Tips on [how to avoid a scam](<https://consumer.ftc.gov/articles/how-avoid-scam >) from the Federal Trade Commission
- [Information on Business Email Compromise](https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-frauds-and-scams/business-email-compromise) from the Federal Bureau of Investigation



 

 

 



 

 See also:- [ Risk Management ](/rmas-functional-areas/risk-management)
 
 

 Share on:- [     Facebook ](#)
- [     Twitter ](#)
- [     Linkedin ](#)