ADVERTISEMENT

International travelers targeted in immigration-themed phishing campaign

A sophisticated phishing campaign that first targeted travelers heading to Singapore has expanded to exploit those traveling to other nations, including the United Kingdom and Malaysia.

Passport control at Gatwick Airport

Oli Scarff/Getty Images

Stefanie Schappert
Stefanie Schappert Senior Journalist
Feb 13, 2025 Updated: 13 February 2025 2 min read

How it Works

Cofense immigration phishing scam emails
Examples of phishing emails notifying the user about the status of their arrival card. Both emails use authoritative-sounding wording to invoke urgency, such as “arrival card or document is required.” Images by Cofense.
Ernestas Naprys jurgita Paulius Grinkevičius B&W Niamh Ancell BW
Add us as your Preferred Source on Google.
ADVERTISEMENT

Attackers using sophisticated tactics

Cofense immigration phishing scam payment form
Attackers create credential phishing pages that include an “Edit” option to give them more legitimacy. Images by Cofense.
Cofense immigration phishing scam prepopulated forms
Attackers use pre-populated forms exposing the victim’s sensitive personal information, including first/last name, date of birth, country of birth, passport number, email, mobile number, and arrival date in Singapore. Images by Cofense.

Protecting Yourself

  • Always verify immigration-related websites by checking the official government domain.
  • Be wary of urgent emails demanding immediate action, especially those requesting payment.
  • Never enter personal or financial information on sites you haven’t independently verified.
  • Use cybersecurity tools such as browser extensions that flag malicious sites.
ADVERTISEMENT