Subj : UK immigration system tar
To   : All
From : Mike Powell
Date : Thu Aug 14 2025 09:16 am

UK immigration system targeted by hackers - dangerous new phishing campaign
hits Sponsorship Management System

Date:
Thu, 14 Aug 2025 11:04:53 +0000

Description:
Phishing emails are being used to steal account credentials to generate fake
jobs and visa schemes.

FULL STORY

A phishing campaign has been uncovered by Mimecast researchers targeting the
Home Office Sponsorship Management System (SMS).

The main aim of the campaign appear to be to compromise access to accounts,
which can then be sold on the dark web, extorting organizations through the
theft of sensitive data, and creating fraudulent Certificates of Sponsorship
(CoS).

The campaign doesnt just affect organizations with sponsor license
privileges, but threatens to undermine the entire UK immigration system.

UK Home Office at risk

The attackers begin the campaign by sending emails that closely resemble
legitimate emails distributed by the Home Office, using the same branding and
stylization. The emails include an urgent call to action that threatens
account suspension if the user doesnt log in.

The victims are guided to a fake login page via a captcha-gated URL that
looks very similar to the legitimate URL used by the Home Office. After
completing the captcha, the user lands on a cloned Home Office login page.

The only differences between the legitimate and illegitimate pages are in the
form submission. The fake page directs credentials to an attacker-controlled
script, where the exposed credentials can be used to log in to the victims
account.

With the stolen accounts, the attackers can then create fake job offers and
visa sponsorship schemes, and charge victims tens of thousands of pounds to
access them.

The best protection against phishing campaigns such as this one is constant
vigilance. Always double check URLs and be cautious of urgent calls to
action.

======================================================================
Link to news story:
https://www.techradar.com/pro/security/uk-immigration-system-targeted-by-hacke
rs-dangerous-new-phishing-campaign-hits-sponsorship-management-system

$$
--- SBBSecho 3.28-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

You are viewing proxied material from vert.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.