Immigration clients get scam email

Malware in an email purporting to be from the Cayman Islands Immigration Department was sent out Tuesday to various immigration clients, the Ministry of Immigration confirmed.

The email, originating from “Royal Cayman Immigration” – a department that does not exist – was sent from a bogus address and contained computer viruses that could harm the user’s computer or their company’s network, immigration officials said.

The email’s subject line read “new rules and regulations” for a number of immigration processes, including work permit and permanent residence applications. It then asked the recipient to “click here to review details” – a step that would active the malware, officials said.

Government officials said they were looking into how a list of Immigration Department client emails had been obtained and said no new laws or policies had been approved recently relative to any of the permits described in the email.

“If the Department of Immigration has implemented any new laws, regulation and/or policies, they will be posted to the official website,” the warning sent from the department Tuesday states.


  1. My understanding that the emails supposedly came from: [email protected]

    Did these scammers actually manage to obtain this domain name: or did they simply spoof it?

    As for how did they get hold of the email addresses of clients of the immigration department, that’s easy.
    Either weak passwords that enabled them to log in as an immigration office staffer or more likely social engineering.

    Social engineering means you talk your way in by imitating someone in authority or a co-worker and then tricking a staffer into letting you know their log in credentials.

    Every business and government department should read: “The Art of Deception” by Kevin Mitnick. At one time the world’s most wanted hacker.

Comments are closed.