Reporting an IT security incident

All IT security incidents can be reported in an e-mail or on the phone. We prefer reports via e-mail. See UiO-CERT's contact information.

What is an IT security incident?

Read more about how to recognize an IT security incident that should be reported here.

How to report?

Send your report to UiO-CERT. It is important that you collect as much data possible.

This should be in the report:

  • your contact information: minimum your e-mail address and phone number. If you are unavailable at certain times, we urge you to give the name of a second contact person.
  • the name of your faculty/institute/department
  • what is your relation with your local IT organization? Are you a part of it?
  • how many people and computers do you believe could be affected?
  • which operative system is involved (Windows, Unix, macOS etc.)?
  • give an account of the activity you are reporting. Was it a hack, virus, breach of confidensiality, other?

Reporting phising (scam e-mails)

A phishing e-mail is an e-mail that tries to scam you into giving them your personal information, like your national identity number, password, bank account numbers etc.

Read more about how you can avoid being scammed by these e-mails at

If you are not affiliated with the University of Oslo and need help with a possible phishing e-mail, read more here.

If you are affiliated with UiO you can contact UiO-CERT for help. See detailed information below.

1) If you are unsure if an e-mail is a scam or not

Send a copy of the e-mail, preferably with full headers (information in Norwegian) to Remember to ask all the questions you may have. We will respond as soon as possible.

2) If you have received a scam e-mail and want to send it to us

UiO-CERT would like to be told about all received scam e-mails. Send a copy of this, preferably with full headers (information in Norwegian) to or

This enables us to assess whether we need to take special measures or notify others outside of the UiO.

Please be aware that messages to these addresses are considered to be reports of actual incidents and will normally not be responded to.


Published Mar. 29, 2019 8:33 AM - Last modified Nov. 12, 2021 10:18 AM