Weekly review of the National Cyber Security Centre Finland (NCSC-FI) – 09/2025

Smart devices also belong in recycling—do it securely

Nowadays, various household electronic and smart devices are quite common—an average household owns dozens of electrical and electronic devices. Many of these devices are often not even in use but rather stored broken or outdated in closets and drawers. By recycling retired devices, we recover valuable metals for reuse and promote sustainable digitalisation.

How to recycle smart devices securely

1. Back up important data before recycling
   
   Smart devices often contain important personal data, such as personal information or photos. It’s recommended to transfer valuable files to another device, such as an external hard drive or a cloud service, to ensure that important data and memories are not lost when recycling the device.
    
2. Log out and remove personal data
   
   In addition to saving personal files, log out of all services and applications on the device, such as social media accounts and email. If the device was used for multi-factor authentication, remove it as an authentication device. Before recycling, erase all sensitive data. The easiest method is to restore factory settings or completely wipe the device. Also, remove any SIM cards and memory cards.
    
3. Erasing data from computers and phones
   
   Simply deleting files or moving them to the recycle bin does not permanently remove data from a computer, as it can still be recovered. For full security, completely wipe the computer and overwrite stored data using specialized software.
   For phones, restoring factory settings is the simplest method, as it deletes all data and resets the phone to its original state. The same approach applies to other smart devices, such as tablets and IoT devices.
    
4. Ensuring security for broken devices
   
   If a device is broken beyond use, physically destroying it is the safest way to ensure data is unrecoverable.
    
5. Recycle securely
   
   Once you've saved your important data and erased personal information, you can safely take your smart devices to an official WEEE (Waste Electrical and Electronic Equipment) recycling point.

More Information

Smart and digital devices should be recycled too (External link)

Tips for recycling electronic devices (External link) (in Finnish and Swedish)

IT waste security (External link)

Where can I return an old device? (External link)

Data protected recycling of devices (External link) 

Instructions for recycling electrical equipment (External link) 

Finnish online stores targeted by Magecart attacks

The NCSC-FI has received reports of Magecart attacks targeting Finnish online stores. If you operate an online store, ensure the security of your admin credentials and keep your e-commerce platform updated. Check your site for malicious code or unauthorised plugins.

Magecart refers to several hacker groups using digital skimming techniques to steal personal data from websites. The name originates from their initial target, the Magento platform, which provides checkout and shopping cart functionality for retailers.

In a Magecart attack, hackers exploit vulnerabilities or compromised administrator credentials to access e-commerce websites and steal customers’ payment card details. The attacker adds malicious plugins to the website or injects malicious scripts into its source code, capturing payment card information when a customer enters it at checkout.

E-commerce operators should stay up to date on their website’s security and safeguard admin credentials. In case of a data breach, it is essential to identify the root cause, implement corrective actions, and notify both customers and authorities.

Read more in our article: Digital skimming—Tips for securing your online store (External link) (in Finnish)

Fraudulent Phone Calls in the Name of the NCSC-FI

The NCSC-FI at Traficom has received multiple reports in recent weeks about scam calls where fraudsters pose as representatives of the "Cyber Department." In these calls, they claim that money has been withdrawn from the recipient’s account and then ask for banking details.

Traficom, other authorities or banks will never request banking details or other sensitive information over the phone or via email.

What to do if you receive a suspicious call from an authority:

1. Do not share your personal information with the caller.
2. Take note of the caller’s name and the organisation they claim to represent.
3. End the call.
4. Verify the call's authenticity by calling the official customer service or switchboard of the respective organisation. Do not use contact details provided by the caller—look them up on the organisation’s official website. Ask to be connected to the person who allegedly called you. Traficom’s switchboard number is +358 29 534 5000.

Internet continues to function despite submarine cable damage

Recent submarine cable damage in the Baltic Sea has been a major topic in the media. Disruptions to critical infrastructure are understandably a concern. Submarine cables are the backbone of the internet, but unlike the human body, internet connectivity is not reliant on a single backbone. Finland’s telecommunications connections are not dependent on a single cable, and the damage to the C-Lion-1 cable reported by the media last week did not impact Finnish internet users.

The internet’s design ensures resilience, with routing protocols automatically finding alternative paths for data transmission in case of a disruption. Damage to submarine cables is only one potential cause of disruption that rerouting and the networked structure of the internet are designed to prevent.

Requirements on the protection of submarine cables used for public telecommunications are laid down in the Act on Electronic Communications Services (https://www.finlex.fi/fi/laki/ajantasa/2014/20140917 (External link)). The Act requires, for example, that public communications networks and communications services must be planned, built and maintained so that they withstand normal, foreseeable climatic, mechanical, electromagnetic and other external interference and that other defects and disruptions that significantly interrupt their functionality can be detected.

Submarine cable breakages are noticed and repaired. There is continuous cooperation to protect and safeguard the communications network infrastructure and to prevent, detect and fix any issues. Cable damages in the Baltic Sea and the measures needed to repair them have further improved the readiness of the authorities and Finnish companies to collaborate and react to similar events in the future. Read more:

• Submarine cables are the backbone of the internet (External link) 
• Weekly review 47/2024: Submarine cables (External link) 
• Traficom and other authorities investigate cable damage in the Gulf of Finland (External link) 

Current Scams

In this summary, we provide information about scams reported to the NCSC-FI during the past week.