Please choose an option that best describes your incident
Reporting an Incident Guidelines
A computer security incident is any adverse event whereby some aspect of a computer
threatened via loss of confidentiality, disruption of data or system integrity, denial
Any organisation or corporate entity using computer systems and networks may be confronted with security breaches or computer security incidents.
By reporting such computer security incidents to CERT-GH the System Administrators and users will receive technical assistance in resolving these incidents. This will also help the CERT-GH to correlate the incidents thus reported and analyse them; draw inferences; disseminate up-to-date information and develop effective security guidelines to prevent occurrence of the incidents in future.
CERT-GH provides information and assistance to the general public and organisations in implementing proactive measures to reduce the risks of information security incidents as well as responding to such incidents as and when they occur.
When reporting an incident, kindly add the following:
- Your name and email address
- Name of your organization
- Date and time (including the time zone) when the incident occurred
- Relevant logs and other critical information.
Kindly take note that the information will not be disclosed to a third party without the consent of the individual or organization providing the information.
Incidents that are reported include phishing, hacking, denial of service, malicious code (malware, viruses, ransomware), website defacement, spamming, unauthorised access, compromised email accounts, sextortion, identity theft, and attacks on computer systems and any other cyber security related incidents.
After reporting the incident, the incident reporting party will receive an
acknowledgement email with a ticket number. The ticket number can be used for
The reporting party will be informed when the incident is resolved or any other information or clarification is required.
The following IT issues should NOT be reported to CERT-GH:
- Forgotten passwords or blocked / locked accounts
- VOIP services not working correctly (e.g Skype)
- Websites access issues (website is not loading properly)
- Internet connection problems
- Hardware problems
- Network problems
- Printer issues
- Any other non-cyber security related issue(s)
- For legal actions, the reporting party should contact the Cybercrime Unit of the Ghana Police Service.
Incidents can be reported to CERT-GH through the following channels:
- Online Form
- SMS to shortcode 292 on all networks
- Email firstname.lastname@example.org
- WhatsApp on 050 160 3111
- Call CERT-GH on 292
When reporting an incident online, users should also provide the following
information if relevant to the nature of incident:
- Fake or hacked accounts – name of the account and URL
- Compromised Email accounts – User ID
- Stolen pictures – screenshots
- Phishing – Phishing link, phishing email, email headers
- Denial of Service or Distributed Denial of service attack – IP address
- Unauthorised access – logs
- Malware – malicious file, link or email
- Website defacement – website link
- Unauthorised video – link of video
- Spam – email header
- The incident reporting party should preserve all the available information without any alteration.
- Incidents should not be reported from a machine which you think is infected.