US flag   Official website of the Department of Homeland Security

Report Cyber Risks

DHS provides onsite and remote incident response assistance to its public and private sector partners. Upon notification of a cyber incident, the NCCIC and its components can offer to perform a preliminary diagnosis to determine the extent of the compromise.

Report an Incident. A cyber incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices. DHS encourages you to report any activities that you feel meet the criteria for a cyber attack or incident. Your information will be kept confidential.

Report Phishing. Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details from individuals or groups by employing social engineering techniques. DHS is collecting phishing e-mail messages and web site locations so that we can help people avoid becoming victims of phishing scams.

Submit Malware or Report a Vulnerability. Malware refers to software programs designed to damage or perform other unwanted actions on a computer system. Examples of malware are viruses, worms, Trojan horses, and spyware. DHS performs analysis of malware and software vulnerabilities and can provide actionable information on how to better protect information systems.

Malware and vulnerabilities can be submitted to DHS by e-mailing and

By e-mail: For additional information, contact Cybersecurity and Communications External Affairs at
Back to Top