Pursuant to the provisions of the National Cybersecurity System Act of 5 July 2018 (Dz.U. [Journal of Laws] of 2018, item 1560, hereinafter referred to as the NCSSA), under which the Minister of Energy issued a decision to recognise Zespół Elektrociepłowni Wrocławskich KOGENERACJA S.A. as a Key Service Operator in the field of electricity generation and heat generation, we will inform you periodically about the cybersecurity risks in the field related to the key service provided by Zespół Elektrociepłowni Wrocławskich KOGENERACJA S.A and the ways to protect against them.

The war in Ukraine is not only about military operations launched by Russia but also cyber activities carried out by Russian hackers. This includes cyber-attacks targeting selected Ukrainian IT systems and the mass takeover of poorly secured social networking and instant messaging accounts as well as e-mail boxes intended to spread a disinformation campaign.

This gives the aggressor the opportunity to publish false information as part of a broad campaign that Ukraine is responsible for the current situation. False evidence is often presented to prove that Ukraine is the one that is attacking the Russian Federation and not the other way round.

In addition, taken-over accounts are used to publish memes ridiculing Ukraine and send out messages containing dangerous attachments and links. The worst part is that users of taken-over accounts often do not realise that they are becoming part of the Russian propaganda machine. Additionally, if the account of a person we know personally or a well-known influencer is taken over, the information generated by them is often perceived as credible and passed on in good faith.

As a result, it is now more important than ever to properly secure the accounts. We encourage you to review your security measures, especially if your provider provides the relevant tools. If your e-mail provider allows you to set up a secondary e-mail address and phone number or gives you the option to use two-step verification, we strongly recommend that you use these options. This will enable you to regain control of your account in the event of a takeover. Two-step verification effectively protects against account takeover.

Our recommendations for the current situation:

  • Verify the strenght and age of passwords in your e-mail, instant messaging, and social media accounts and make appropiate modifications to strenghten them
  • Verify that your anti-virus system is up to date or consider installing one
  • If you receive the message that arouses your suspicions, do not open the attachment and do not use the link contained in the message
  • Be very cautious if you receive a message with disturbing information from a person you know personally. In such a case, we suggest you to contact that person directly, e.g., by phone, to verify that their account has not been taken over
  • Do not accept every message without being critical. think twice before sending it on

In recent weeks, the digital space has seen an increase in the number of online scams involving criminals impersonating well-known and credible brands to extort funds or data. The energy industry, including the image of our group of companies, has been used for this type of illegal activity.

A number of people, including our customers, receive text messages with information about a scheduled electricity disconnection. The message contains a request to pay the amount due and a link where the payment can allegedly be made.

It is an example of a classic hacking attack based on phishing, which consists in impersonating a known and trustworthy person or institution to obtain sensitive data or undertake actions described in the message. In this example, the criminal uses social engineering to extort financial resources drawing on a natural human trait, that is trust in a legally operating, well-known, and nationwide brand (Polska Grupa Energetyczna in this case).

The message usually has a link which redirects the victim of the attack to a fake website for identity theft or device infection. These types of attacks are becoming more and more refined, so it is difficult to distinguish a genuine message from a phishing message.

How to identify phishing? You should be vigilant every time you receive a message via e-mail or instant messaging, or text message, that contains a request to disclose personal and confidential information or process various forms of online payment.

How can you protect yourself from this type of attack?    

  • Be careful and pay attention to any unusual or unexpected message
  • Do not react reflexively to links as they may not be from a trusted source
  • Never open attachments as they may contain malware
  • Verify the website addresses carefully. Pages are often perfectly forged and appear to be correct, but their URL is different from the original address of the institution (e.g., different domain).
  • Call the official hotline of the institution from which you received a questionable message and ask if they sent it. Make sure this is not a phishing attempt.
  • Take care to use legal software. Keep software up to date. Install the latest security patches.
  • Use anti-virus software on the devices you connect to the Internet. Many manufactures have tools to protect against phishing

In recent days, we have heard much about the e-mail box scandal. You should remember to protect your correspondence and there are a number of reasons for this.

We often use e-mail to send important personal information, correspond with authorities, institutions, and the bank, and transmit important commercial data, personal data, and information the disclosure of which would cause measurable damage to someone’s image.

Poor security of e-mail accounts, including the lack of application of password rules to protect the account is a very common practice. We often use a password that is easy to remember, even if the server has specific password length requirements. For example, “Alamakota279” is not a challenge for someone who wants to hack into your e-mail account. Conversely, who would dare to remember and type in every time a password like this: “Bsk8hsna.vwPjh3dx7xytkml”? And change it every 30 days to another one, similar in complexity?

Therefore, a good idea is to entrust control of passwords to a specialist tool, such as a password manager.

If your mail provider offers the Two-Factor Authenticaton (2FA) option, run it.  It can help protect your accounts, even if your password is stolen. Two-Factor Authentication (often abbreviated as 2FA) provides a double check to verify that you really are the person you say you are when using online services. This method is available for most common online services, such as banking, e-mail, and social media. You should also be sure to secure the devices you use to access e-mail. While we protect private or company computers with a strong password, we often use a 1234 code to protect our mobile phones. And we sometimes leave them unattended.

Depending on what solution you use, after entering the password, you may be asked to enter a code delivered via text message, enter PIN on the mobile phone associated with the account, confirm identity biometrically, or use a specialised hardware key (the latter falling under enterprise solutions).

This will make the information sent by e-mail much more secure so that you can sleep soundly without worrying about it falling prey to cybercriminals.

Computers and other electronic devices that we use on a daily basis have very complex software that is necessary for them to function properly and provide the services we expect. Whether we use a computer, smartphone, tablet, access router, NAS servers, Smart TVs, or other Smart Home devices, which are increasingly common in our homes, they all function on the basis of software which often contains vulnerabilities (commonly referred to as holes in the software). If the vulnerabilities are not addressed during the software update, they can be exploited by cybercriminals. This applies not only to the operating system but also to all kinds of applications, application add-ons, firmware, and device drivers. The computers we use usually tell us that the operating system needs to be updated. We recommend that these updates are installed as soon as possible. We do not always pay attention to keeping the firmware of our other home appliances up to date, and our router is running pre-installed firmware from several years ago. Similarly, our NAS server, once up and running, often ends up on the list of forgotten devices.

Given the increasing frequency and sophistication of ransomware malware attacks (which encrypt the victim’s resources), including on NAS devices, you should log in at least once every few months and verify that the software controlling your server is up to date. You should also update all the software packages running on it. We also recommend analysing whether all the network services you are running on the server are really necessary, especially if the NAS server offers you services that you can access from the Internet. This is because services published from your NAS server to the Internet can become a potential weak link in an attack by cybercriminals, including a direct attack on our home network and its other devices. It is also a good idea to protect the most valuable data stored on the NAS server by means of a backup copy on external storage media not permanently connected to the network.

Regular software updates for our home appliances should become a habit. Remember that updates provided by hardware and software manufacturers not only remove security-related imperfections but also introduce improvements and new features, often speeding up and improving the stability of operation.

Unfortunately, the pandemic is not letting up and our lives (work, school, shopping) have been lived largely in the virtual world for a long time now. Cybercriminals are also aware of this and do not intend to miss this opportunity.

Recently, a number of people have received messages informing them that a popular auction site offers a voucher worth up to PLN 500, valid for the next 24 hours, provided that they log in using the link provided in the message.

People who are waiting for a delivery expect a text message that the parcel has arrived at the collection point. Some receive a message that the actual delivery cost is higher than expected by PLN 0.20 and they have to pay the missing amount via the attached link to receive the collection code.

In recent days, those waiting for a parcel via the Polish Post have been receiving a “No Delivery Notification” e-mail with information about the non-delivery of the parcel to the recipient and how it can be collected. They also have been induced to click on a suspicious link.
In none of these examples, or similar ones, should you under any circumstances click on the attached link. Doing so may lead to your mobile phone or computer being infected and sensitive data being intercepted, enabling attackers to clean out your bank account or credit card.

We recommend caution. If in doubt, contact the seller or the hotline of the company delivering the ordered goods.

You receive dozens, and sometimes hundreds, of messages in your e-mail box every day. You do not want to get lost in it, so you try to quickly pick out the most relevant ones, visually sorting them and vaguely reviewing the selected ones. Now, you open the attachment you think contains an explanation of the e-mail’s vague content, click on the file and some Word or Excel message and... you are in for it. Welcome to the club of attack victims.

Sound familiar? Hopefully not, but the statistics are brutal and say that around a third of such e-mails are opened on the spur of the moment. Hackers are aware of this and are creating increasingly credible-looking and clever phishing campaigns aimed at convincing a potential victim to open an attached Office document containing a malicious VBA macro.

What is a VBA macro? It is a programme that allows you to automate certain activities that take a lot of time in your daily work, especially when they involve the repetition of certain actions. For example, it is possible to accelerate the generation of a daily report containing ERP system data that have to be filtered and appropriately arranged in the form of a table and a chart or completely replace the process with a set of macros written in Visual Basic for Applications language (VBA).

It was written for Microsoft Office and is very popular among users due to its simplicity and ease of creating software. Microsoft initially assumed that VBA code could be automatically executed in certain situations. It streamlined work but was soon used as a gateway by hackers to exploit the language’s capabilities on a massive scale.

Microsoft was fairly quick to impose restrictions and force confirmation of the user’s execution of the macro, but cybercriminals use social engineering to deceive a potential victim and force the execution of the code included in the attached file.

How to protect yourself? First and foremost, be vigilant and prudent when deciding whether to open an attachment. Only run macros in documents from people or organisations you trust and preferably only if there is a compelling reason to do so.

Remember that a macro is a computer program that can be used for good or bad.
If intended to help you with your work, it may save you hours of tedious clicking. If designed to steal information, it will do anything to do this.

Social isolation has forced changes in daily life for virtually everyone. Wherever possible, many elementary needs began to be met in virtual space. Compulsory remote teaching, remote working wherever possible, and online shopping – these are just examples of the changes to which cybercriminals have immediately adapted.
There have been known cases of a home computer being infected by an unaware child trying to connect to virtual classes via links modified by hackers.

It is worth verifying the security of our home computers and routers. You should purchase, if you do not have any, and install the Internet security tools (firewall, anti-virus, and anti-spam package) or use free anti-virus tools.

If you do not have a backup copy of the relevant data, copy it to an external USB drive or a home network drive or use cloud solutions.

Cybercriminals often exploit socially important topics to extort data from people who wish to find out more about the issue (the epidemic threat in this case). They feel extreme emotions. Currently, they are associated with the coronavirus and the fear of infection. A newsworthy title, a quoted expert statement, or a video related to the topic are likely to let down your guard. Hackers also send e-mails with links to sites where COVID-19 drugs can be purchased. This is obvious misinformation as they do not yet exist. In stressful situations, people often do not think logically and do not check where the information comes from. A cybercriminal creates a typical fake news, the purpose of which is, for example, to provide login details on a social media site or click on a particular link. The link is often intended to extort transfer details (e.g., a fundraiser for the treatment of a person infected with coronavirus). In some cases, accessing the link will infect your equipment.

The Ministry of Digitalisation website has published information on how to block scammers using the pandemic for their own purposes. Suspicious domains will be made public. In a number of cases, notifications to the police and the prosecutor’s office will be made. This is the result of cooperation between the government and telecom operators.


  • Be cautious of advertisements for COVID-19 drugs, especially their sale.
  • Keep an eye out for organized private fundraises to fight COVID-19.
  • Use tried and trusted shopping and auction portals.
  • Verify the addresses of sites that ask you to click on link and provide your data, passwords, or logins.
  • Do not respond to suspicious text messages regarding courier collection and the epidemic
  • Carefully analyse contracts and terms of transaction executed over the Internet.
  • Carefully study the loan offers before signing, especially if the terms are really atractive.
  • Check if the website has an SSL certificate (especially for banks).
  • Check information in reliable sources, e.g., gov.pl pages
  • Communicate and explain the above information to older people in the family and beyond.

As far as remote working is concerned, it very quickly became apparent that the IT infrastructure of most companies was not prepared for long-term remote work, which often resulted in connection problems and error messages. Reports show that a large proportion of these errors are caused by human error, bypassing procedures, and infected computers. Companies have found lockdown very challenging as they have had to quickly switch from face-to-face meetings to teleconferencing and mass use of instant messaging. Working styles have changed overnight but have not necessarily been followed by changes in network security and employee training.

Phishing attempts, mass phishing campaigns, and ransomware attacks are very common.

Employees experience social isolation and feel stressed and thus it is common for them to act rashly and make poor decisions.

How to protect yourself from attack:

  • Strictly adhere to safety procedurs of our employer.
  • Report any observed hardware and software malfunctions and other suspicious situations to the security and IT departments.
  • Run reglar virus scans and install security updates.
  • Do not click on suspicious links on websites or in e-mails/text messages received and do not open any attachments if you have any doubt as to their reliability.

Although epidemic restrictions introduced by the government are milder now, you should be very careful both in the virtual and real space. We wish everyone a lot of health and patience with the restrictions !

First and foremost, remember that any situation can be exploited to launch an attack, commit fraud or extortion, or make a profit in any other unethical way. Today, cybercriminals exploit natural human reflexes and emotions, such as fear, stress, and an atmosphere of uncertainty and danger.

A great number of people have recently received text messages or e-mails informing them that the state plans to seize funds deposited in banks to fight the coronavirus. They were encouraged to make a declaration, opened with the link attached on the page, to preserve a certain amount of money in their bank accounts. Under no circumstances should it be opened!

Special attention should also be paid to messages received by e-mail from our banks or other institutions. Some of them contain phishing messages in which frauds use the current situation to inform us about their activities in connection with the epidemic and pretend to be entities we know. Details are available in the attached links directing to fake phishing sites. Be very cautious and verify that the site you open has the appropriate security features.

Frauds also exploit the desperate situation of hospitals asking for material assistance. They set up bogus fundraisers on the Internet to purchase personal protective equipment. Before donating, make sure you know who the organiser of the collection is and whether it is a trusted and well-known institution.

Problems in the supply of personal protective equipment leave the door wide open to fraud and abuse. Offers to purchase masks, disinfectants, and gloves at suspicious prices have appeared on the Internet. The large auction sites have begun to combat this practice, but it is still possible to find such advertisements.

There are also offers to sell medicines, drugs, and other remedies advertised as effective in preventing or combating the virus, often supported by pseudoscientific opinions or evidence of efficacy. Still, there are not any 

officially recommended or approved drugs or vaccine for the SARS-CoV-2 virus. Therefore, if you the advertised remedies, you will not be protected against the virus and may even have health problems.

It is also possible to reach out to offers to sell coronavirus tests from insecure and untested sources (usually from Asia). Again, far-reaching caution and prudence are recommended!

Due to the existing regulations and media campaigns encouraging people to stay home, online sales have increased. Again, this leaves a vast scope for massive fraud and abuse. There are a lot of bogus shops with discounts, promotions, and attractive offers referring to the #stayathome slogan. Remember to make sure that the e-shop where you found something interesting is credible.

Up-to-date information on the coronavirus is available at:
We also recommend our Intranet site:

Constant access to the Internet is now virtually indispensable, at least to the vast majority of the population. Being online has become a fashion, a lifestyle, and, in many cases, a way of running one’s own business. Many people cannot imagine life without a smartphone, tablet, or laptop at home and outside. One of our first questions we ask when we come to a new place is about access to WiFi. Internet packages on smartphones are very common today but are limited in size and we may wish to save money. In such a case, free WiFi often sounds like a lifesaver, especially abroad, on holiday, at the airport, in a hotel, or in a restaurant. Uploading the perfect photo to Facebook or Instagram is cheaper then. But is that really the case?

Not everyone is aware of how dangerous hot spots (public wireless networks) can be. Why are they dangerous?

Publicly accessible networks are rarely as well secured as office or home networks and sometimes have virtually no security at all. Therefore, they are a very convenient, simple, and effective gateway for various types of cybercriminals who can effortlessly steal our data, private passwords, or other information. Why is this so?

In home networks, the network name (SSID) and password (usually relatively complex to secure it against our neighbours) combined with an encryption protocol, such as WPA /WPA2, creates a secure “enclave.”

In a shopping centre, a café, or a park, we can see only the name of the available open network. All you have to do is click and be online...

If you do this, everything you type on a laptop or smartphone begins to circulate around the web unencrypted, e.g., instant messaging content, credit card numbers, and e-mail passwords. Could a cybercriminal dream of any better “easy pickings”?

Now, you can easily lose money in your account or fall prey to identity theft. A virtual threat can quickly turn into real problems.

So, how to use the Internet safely outside the home when connecting to hot spots? There are a few basic rules to follow.

  1. Treat any unknown network as suspicious. Verify its name and data, such as data obtained from hotel staff, a waiter in the café, or airport personnel.
  2. Avoid networks that are not password protected. These are most suspicious. They are often deliberately generated by hackers to tempt potential victims to connect to them.
  3. Turn off automatic connection to wireless networks. This will be less convenient for you but instead you can decide whether the network you have entered is safe.
  4. Use anti-virus and firewall software. This is the fundamental, but still some people do not remember about it and do not even use the free solutions available.
  5. When planning to carry out banking transactions or card payments, switch to data transfer on your phone and make sure that you are connecting to the correct site that uses SSL. A secure site will be marked with a green padlock and its address will include "https" instead of "http".
  6. If you are planning to connect to a home server or a company network, use the Virtual Private Network (VPN) mechanism to create a virtual, encrypted tunnel ensuring a secure connection. This can be easily created even using free applications.
  7. If possible, where you enter your passwords, try to introduce a two-step authentication process, e.g., text message verification. Ensure that the passwords are secure.

Finally, a bit of statistics. According to Symantec, in 2016, as much as 87% of US consumers used public networks and more than 60% of them thought there was no danger in doing so. It remains to be hoped that Polish Internet users, with the support of this publication, will achieve better results.

The next instalment in the cybersecurity threat series deals with the risks we are exposed to during the hectic pre-Christmas shopping that is increasingly being done via electronic shops.

Christmas is a time which we usually spend with our families and give them presents. To avoid overcrowded shops, galleries, and car parks, we increasingly choose online shops offering a relatively cheap and extensive range of everything we want to buy.

Research shows that 62% of purchases in Poland are made online. Unfortunately, the results of the research are also analysed by criminals, and they take great advantage of our preferences by impersonating online shops and payment operators or by posting fake advertisements and offers.

Being aware of the risks that await you when you cross the threshold of a virtual shop can help you avoid unpleasant surprises.

  • Start with verifying how long the e-shop you are interested in has been operating. The longer it has been on the market, the more secure our purchases generally are. You should be particularly vigiliant when seeing tempting offers from unknown suppliers
  • Read the reviews about the shop or seller that are published on the Internet. Particular caution is needed when you see many negative comments issued within a short period of time. It is often possible to discover immediately that a shop with an excellent offer is a dummy you are not going to see any more as soon as the payment is made.
  • Check the contact details on the shop's website. Look for the registered office address and contact phone number. Be careful if the shop only offers electronic contact. A trustworthy shop provides registration data (NIP, KRS, REGON), which can be verfied in publicly avaiable registers.
  • Beware of "special bargains" as criminals lure victims with exceptionally good deals on items that usually cost much more.
  • A shop that offers the possibility of personal collection is more credible than one that does not.
  • Before proceeding with the payment, check that you have been directed to the genuine site of the payment operator or bank. Check that the domain name is correct and that it has an SSL security certificate in the address bar of your browser.
  • Use trusted and estabilished operators. You should be concerned if you are asked to enter your payment card details on an unknown shop's website without being able to choose another payment method.
  • Verify whether the information on the page where you are to make the payment is correctly worded, logical, and correct in terms grammar and spelling. Any errors should raise your concern as a legitimate and professional shop takes care of every detail.
  • If you use foreign shops, make sure which currency is applied to show the price. Sometimes, it is shown in PLN on the product page and in USD or EUR on the payment page.
  • Avoid using payment links sent in text messages as they often lead to fake payment operator or bank websites.
  • If in doubt, contact the shop and requests clarification. If you have problems getting in touch, withdraw from the transaction and look for an alternative.
  • If a shop request redundant information from you when placing an order, be vigilant. This could be an attempt to obtain your confidential data. If you lose it, you can suffer severe losses.
  • If you have suspicions that a shop is a fradulent institution or you have already entere your card details, contact your bank immediately to block the card and report the matter to the police.

Christmas is a time of joy that we want to share with our loved ones. Make sure that a moment’s inattention or an ill-considered decision does not affect your mood. We wish you a successful and safe shopping experience and above all a peaceful and joyful Christmas full of warmth and positive energy.

Electronic correspondence is now one of the most popular forms of communication. We receive several, and sometimes even dozens of, e-mails, both private and business, every day. Messages are sent by banks, institutions, service providers, business partners, customers and, unfortunately, cybercriminals. Obviously, none of them will sign their real name as a cybercriminal. Instead, they will want to impersonate the sender we know as previously described in the section on phishing. They often send messages with malicious software that is dangerous to the recipient of the message and can paralyse an entire organisation if certain conditions are met. How does this happen?

In impersonating well-known companies or institutions, hackers often send fake attachments with malware in e-mails.

Opening an attachment triggers a code that starts to “live” on the victim’s computer, not necessarily immediately, leading to phishing, theft, or data encryption. Ransomware is one of the most dangerous software. It encrypts, for racketeering, not only the stations of the recipient of the message but also, thanks to its ability to move to other computers on the network, other workstations. This is a way to paralyse a large organisation in a very short time.

How do you defend yourself against an attack? As trivial as it sounds, do not open suspicious e-mails and especially their attachments. Unfortunately, this is a very common mistake!
Be careful when you see a strange message that you are not expecting, or you suspect you received by mistake.

Inform your network administrator or mail service provider about it. Make sure that you have antivirus software with the latest signatures on the station and – which we highly recommend – a firewall, which as a protective element helps you to effectively secure your computer. If you are an employee, do not open private e-mail on a company computer. In doing so, you risk not only your own security but also that of your employer.

Historically, a secret sequence of words or sentences, to be spoken out loud, was often used for authentication. Do you remember a famous Polish film with the quote “The best chestnuts grow on Pigalle square” which in combination with “Zuzanna likes them only in autumn” and the response “She is sending you a fresh batch” made strangers begin to trust each other? Nowadays, this method is used when we want to make an ICT system trust us and allow us access to the relevant information. This is usually done using a combination of an identifier and the associated password. You have to introduce yourself, provide your identity, e.g., login_name, for an e-mail account, enter the password, and perform authentication.

Typically, a password is a string of characters (with a specified minimum number of characters) consisting of a combination of upper- and lower-case letters, numbers, and special characters, e.g., !@#$%&.,)(.

If a password is complex and difficult to guess (cracking, takeovers), the data is more secure as the identifier and password defend access to it.

Remember that criminals wish to gain access to your information or money. Thanks to the ever-increasing computing power of popular computers, they have more and more effective methods of cracking passwords. Until recently, passwords of 8 characters were considered safe. Nowadays, a minimum of 10 or even 12 characters are recommended. Each additional character increases security. It now takes less than 8 hours to crack an 8-character password and around 1 year for 12-character password. This explains why you are still encouraged to change your password frequently.

Phishing is a fraudulent method in which an offender impersonates another person or institution to trick a user into providing sensitive data, such as login details, passwords, bank account, and credit card numbers, or to induce the victim to perform certain actions. The attack is based on social engineering methods and exploits the natural human trait to trust. The attacker impersonates legitimate organisations, institutions, government agencies, or service providers with whom you are in regular contact. The e-mails are well-prepared, both in terms of graphic and content. They politely and persuasively inform you of the need to make contact to confirm information, complete data necessary for the continuation of cooperation, or settle a small difference in payment, for example. Sometimes, they inform of an excellent short-term offer of an online shop or of certain problems that require logging into the system to be solved. The message is most often accompanied by a link that redirects the victim of the attack to a fake website for identity theft or for device infection and penetration of the computer system and data theft. These types of attacks are becoming more and more refined, so it is difficult to distinguish a genuine message from a phishing message.

How to identify phishing? You should be vigilant when you see any message or communication requesting the disclosure of personal and confidential information via e-mail or websites.

How can you protect yourself from an attack?

  • Learn good habits. do not respond to links in unsolicited e-mails from people or institutions you do not know and social networks.
  • Never open their attachments.
  • Verify the website address carefully. Pages are often perfectly fake and appear to be correct, but their URL is different from the original address of the institution (e.g., different domain).
  • Never reveal your password to anyone. The request to reveal the password should always arouse suspicion!
  • Do not pass on confidential data to anyone - on the phone, in person, or via e-mail or website.
  • Take care to use legal software and up-to-date version of your browser by installing the latest security patches.
  • Use anti-virus software. Many manufacturers have tools to protect against phishing.

The world we live in is filled with various types of computer and ICT systems, which make it easier for us to deal with complex official matters and simplify shopping, for example. Such systems are also used by Zespół Elektrociepłowni Wrocławskich KOGENERACJA S.A. to provide key services. However, you should remember that the use of any IT system is exposed to a number of threats and attempted attacks (viruses, worms, trojans, phishing, spyware, etc.), the complexity of which is constantly growing. Zespół Elektrociepłowni Wrocławskich KOGENERACJA S.A would like to support you, as a user of our services, in building awareness and knowledge regarding threats in cyber security and effective ways to protect against them.

The basic and most important tool for protecting your devices, computers, laptops, tablets, mobile phones, and the data on them is antivirus software. Remember to update it regularly. Even the widely available, free versions of anti-virus systems many times increase the level of protection of your devices against the penetration of malicious software that can effectively destroy your data. Do not wait and check today whether your laptop, tablet, or mobile phone has an antivirus program.