// Knowledge
Knowledge
Terms, common incidents and first steps for digital security issues.
Where SKOPION can help
Structured first assessment, discreet documentation and concrete next steps — no guarantees.
Hacked account support
- What we review
- Signs of takeover, affected accounts, hardening and recovery steps.
- What you should preserve
- Notification emails, suspicious logins, screenshots, timestamps.
- What we do not promise
- No guarantee of recovering a lost account.
Data leak suspicion
- What we review
- Whether and where credentials circulate, affected services, priorities.
- What you should preserve
- Affected email addresses, unusual activity, any indicators.
- What we do not promise
- No removal of already-leaked data from the internet.
Phishing & fraud
- What we review
- Authenticity of messages and websites, indicators, next steps.
- What you should preserve
- Original message incl. headers, links (do not click), screenshots.
- What we do not promise
- No guarantee of payment reversal.
Website security for small businesses
- What we review
- Configuration, headers, encryption, form and login security, visible weaknesses.
- What you should preserve
- Access via secure channels, logs, change history.
- What we do not promise
- No assurance of complete attack resistance.
OSINT & digital trace review
- What we review
- Publicly available traces of an incident, structured assessment.
- What you should preserve
- Known accounts, domains, messages, timestamps.
- What we do not promise
- Only legal, publicly available sources — no illegal methods.
Crypto trace review
- What we review
- Transaction paths, addresses, publicly traceable movements.
- What you should preserve
- Wallet addresses, transaction hashes, communication with the other party.
- What we do not promise
- No guarantee of recovering funds.
Glossary
- Data leak
- Unauthorized exposure of data (e.g. credentials) online. Secure affected accounts first.
- Phishing
- Deception via email/SMS/website to steal credentials or payments.
- Smishing
- Phishing via SMS or messenger, often posing as parcel, bank or authority.
- Account Takeover
- Takeover of an account by third parties. Fast action limits the damage.
- Credential Stuffing
- Automated testing of leaked passwords across many services.
- 2FA / MFA
- A second factor in addition to the password — much stronger protection.
- Passkeys
- Phishing-resistant, password-free sign-in bound to the device.
- Malware
- Malicious software (viruses, trojans, spyware) that compromises systems.
- Ransomware
- Malware that encrypts data and demands ransom. Backups are critical.
- Social Engineering
- Manipulating people rather than technology to gain access.
- OSINT
- Structured analysis of publicly available information.
- Digital trace review
- Tracing digital traces (accounts, domains, transactions) to assess an incident.
- Metadata
- Data accompanying files/messages (time, device, location) — often revealing.
- Hash
- A unique checksum of data for integrity verification and matching.
- IP address
- Network address of a device/service — a rough hint, not a definitive person.
- Domain / DNS
- A site name and the system that resolves it to addresses. Key for authenticity checks.
- SPF / DKIM / DMARC
- Email mechanisms against sender spoofing. Without them, spoofing is easier.
- HTTPS / TLS
- Encrypted connection between browser and server.
- HSTS
- Enforces HTTPS and prevents unencrypted connections.
- CSP
- Content-Security-Policy: contains malicious scripts in the browser.
- Wallet address
- Public account number of a cryptocurrency; transactions are public.
- Transaction hash
- Unique identifier of a blockchain transaction — the basis of any trace.
- Seed phrase
- Secret wallet recovery words. Never share them.
- Smart contract
- A program on a blockchain; flaws or fraud can endanger funds.
- Blockchain explorer
- Public tool to follow addresses and transactions.
- GDPR
- EU data protection law: handling of personal data and reporting duties.
- Data protection incident
- A breach of personal data protection, often with reporting duty.
- Evidence preservation
- Orderly securing of evidence (screenshots, logs, headers) before loss.
- Incident Response
- Structured handling after an incident: assess, contain, document.
- Risk Triage
- Initial prioritization: what happened, what is affected, what is urgent.
Checklists
Hacked account — first steps
- Change the password from a clean device
- Enable or check 2FA
- Sign out active sessions everywhere
- Check recovery email/phone
- Inform bank/services
- Preserve evidence
Suspicious message — what to check
- Inspect the sender and domain closely
- Do not click links
- Watch for pressure and urgency
- Do not open attachments
- When in doubt, verify via an official channel
Data leak suspicion — what to document
- List affected emails/accounts
- Preserve unusual logins and emails
- Change passwords (no reuse)
- Record dates and times
Crypto fraud — what to preserve
- Wallet addresses and transaction hashes
- All communication
- Platform and website URLs
- Screenshots with timestamps
- Do not pay the other party
If you are unsure: document the incident and use the secured contact form.