News
HMS Is Facing a Deficit. Under Trump, Some Fear It May Get Worse.
News
Cambridge Police Respond to Three Armed Robberies Over Holiday Weekend
News
What’s Next for Harvard’s Legacy of Slavery Initiative?
News
MassDOT Adds Unpopular Train Layover to Allston I-90 Project in Sudden Reversal
News
Denied Winter Campus Housing, International Students Scramble to Find Alternative Options
Scammers exploited a Harvard website in a ploy to sell “miracle” CBD and keto gummies, a Snopes investigation revealed on March 27.
According to Snopes, Harvard is among several top “organizations and institutions” targeted by the scam campaign. Other affected parties include the World Health Organization, the Texas state government, and various other educational institutions including Columbia University, the University of Michigan, and the Minneapolis Public School District.
Scammers looked to exploit major websites ending in .edu, .org, or .gov that were not entirely secure or provided accessible avenues for the scammers to upload content advertising “miracle” gummies.
Once consumers clicked on the bogus links, they were redirected to doctored websites resembling Facebook posts or news articles.
Designed to look trustworthy, these fake websites included product-order pages that, if filled out, bound consumers to expensive monthly subscriptions. The product-order pages often did not provide a phone number or other contact information, leaving consumers unable to cancel their order or obtain a refund.
Harvard spokesperson Jason A. Newton wrote in an emailed statement that the issue was limited to vendor-supplied software on one website, and that the exploit was resolved shortly after it was identified. Newton added that no other Harvard websites were impacted.
Jordan Liles, the Snopes reporter who conducted the investigation, wrote in an emailed statement to The Crimson that “Harvard University’s website was targeted likely due to the university’s prominence and because of its .edu domain suffix.”
In his article, Liles wrote that scammers likely target .edu domain suffixes because they land higher on search results and present as more authoritative.
Liles wrote to The Crimson that he contacted Harvard during his investigation and was informed that the matter was being addressed.
According to Liles, Harvard could require students and staff to login and verify their identities before sharing and uploading content across the harvard.edu website.
Preventing scammers from no longer accessing a website they’ve abused “is a good step toward lessening the number of victims they might be able to claim,” Liles wrote.
Still, Liles wrote that “the true way to solve this problem regarding the promotion of snake-oil claims about CBD gummies, keto gummies, and other supplements” is for social media and advertising sites like Facebook and Instagram to stop accepting payments in exchange for hosting similar advertisements.
“After all, the only reason why someone might be interested in keto gummies and then later land on a scammer-created page like there was on harvard.edu was because that person’s interest about the product was piqued by a scam ad they saw,” he wrote.
Want to keep up with breaking news? Subscribe to our email newsletter.