Keep the evidence
The first piece of advice we can give you if you’ve been the victim of a cyberattack or online fraud is to collect and keep as much evidence as possible. Messages exchanged, documentation sent, received or that may have been stolen, contact details of potential cybercriminals, and proof of payments you have made, if any, will all be useful to you.
If any damage has occurred, you must submit a report to the State Security Forces. Make sure you provide all the related evidence and documentation as it could be useful. In general, there are units specialized in technology crimes, such as, in the case of Spain, the Technological Investigation Brigade of the National Police or the Telematic Crimes Unit of the Civil Guard.
Inform your bank
If you have been the victim of financial damage, or if your bank details have been compromised, we advise you to inform your bank as soon as possible so they can take the relevant measures, as well as starting their procedures in cases of fraud. Provide a copy of the report and ask if you have any type of coverage against attacks of this kind.
Third-party damages? Communicate!
When there is a leak of information about third parties – something that usually happens in the case of attacks on SMEs and large companies – you must report this to the Data Protection Agency within 72 hours, otherwise the business owner may also be faced with penalties.
Collaborate with the INCIBE
If you have detected fraud but have not been a victim yourself, you should report the situation using the citizen collaboration tools that allow you to report facts or situations that could instigate investigations into allegedly criminal acts, as well as the report of the INCIBE (National Cybersecurity Institute) incident response team:
- National Police: https://www.policia.es/_es/colabora_informar.php
- INCIBE-CERT: https://www.incibe-cert.es/en/incident-handling
In the event of the infection or intrusion of devices, the INCIBE also recommends you implement the disinfection process of the following resource: https://www.osi.es/es/desinfecta-tu-ordenador. All passwords that may have been affected must also be changed.
Remember that insurance companies also offer the possibility of technical and legal support in the event of a cyberattack, coverage against possible losses, and the option of adapting and personalizing your policy to the real risk associated with your online activities by means of a cyber risk insurance policy.