The Home Office warns sponsor licence holders: Stay cyber aware to safeguard personal data in the Sponsorship Management System (SMS). Don't fall victim to phishing scams or malware attacks.

In today's digital landscape, safeguarding personal data is more crucial than ever. With the rapid acceleration of ever more sophisticated cyber threats and attacks, the Home Office is urging sponsors of workers and students to enhance their cyber awareness to protect the sensitive information within the Sponsorship Management System (SMS). Sponsors need to comply with the UK GDPR, and part of this compliance is implementing robust data handling and storage practices to prevent unauthorised access or breaches. Employees should also be trained so they can spot anything suspicious and report it before a breach occurs. Below are some essential tips to keep your data secure.

If you receive an email or telephone call that seems suspicious, or if you believe your SMS account may have been compromised, report it immediately:

Legitimate communications from UKVI

All electronic communications from UK Visas and Immigration (UKVI) at the Home Office regarding your sponsor licence will come from:

UKVI will never ask for your SMS user ID or password, and will never provide you with a link or password to log into SMS. If there are concerns about the integrity of your SMS account, UKVI will take steps to secure your data, including deactivating users and contacting you with follow-up actions.

By staying vigilant and following these guidelines, you can help ensure the security of the SMS and the personal data it contains.

Further advice and guidance is available on the National Cyber Security Centre (NCSC) website