Reporting Cybercrime to Lögreglan and CERT-ISIceland

Researched by , Head Researcher

Primary sources cited; not legal advice.

Last verified:

Source: Lögreglan; CERT-IS at PFS / Fjarskiptastofa; Almenn hegningarlög nr. 19/1940 §§ 228–229, 250, 251.

Sourced from Icelandic Acts of the Althingi, statutory instruments, and official guidance. Written in plain language for general understanding — this is educational content, not legal advice. Our editorial standards

Icelandic National Law

What is this right?

Cybercrime in Iceland is investigated by Lögreglan (the Icelandic Police). Reports are made online at logreglan.is or by phone 444 1000 (non-emergency). National incident response is provided by CERT-IS. The statutory framework is the Almenn hegningarlög nr. 19/1940 (Penal Code) — §250 (fraud), §251 (data fraud), §§ 228–229 (privacy).

When does it apply?

  • Online fraud, account takeover, identity theft, sextortion.
  • Investment / crypto scam.
  • Phishing / impersonation of Icelandic entities.
  • SIM-swap fraud.

Filing a Cybercrime Report in Iceland

  1. Report at logreglan.is or 444 1000.
  2. Identify the Penal Code section. §250 (general fraud), §251 (data fraud), §228 (defamation), §229 (privacy / image-based).
  3. For systemic incidents, also notify CERT-IS.

What should you NOT do?

  • Don't pay 'recovery agents' upfront.
  • Don't post details on Icelandic social media before reporting.

About Scams, Fraud & Money Recovery in Iceland

Iceland's scam-recovery system runs across three institutions. Lögreglan (Icelandic Police) investigates cybercrime under Almenn hegningarlög nr. 19/1940 §§ 228–229 (privacy), 244–246 (theft, robbery), 250 (fraud), 251 (data fraud). CERT-IS provides national incident response. For the money side, Fjármálaeftirlit (Central Bank of Iceland Financial Supervisory Authority) supervises banks under Lög um greiðsluþjónustu (Payment Services Act, Lög nr. 114/2021) — Iceland's PSD2 transposition via EEA. Consumer disputes escalate to the Úrskurðarnefnd um viðskipti við fjármálafyrirtæki (Consumer Complaints Committee against Financial Undertakings).

Emergency: 112. Non-emergency police: 444 1000.

Common Questions

What does Penal Code §251 cover?

Section 251 — tölvuglæpi (data fraud / computer-related fraud) — criminalises unauthorised influence on data-processing to obtain unlawful gain. Maximum penalty: 6 years' imprisonment.

What is the reporting cybercrime to lögreglan and cert-is right in Iceland?

Cybercrime in Iceland is investigated by Lögreglan (the Icelandic Police). Reports are made online at logreglan.is or by phone 444 1000 (non-emergency). National incident response is provided by CERT-IS. The statutory framework is the Almenn hegningarlög nr. 19/1940 (Penal Code) — §250 (fraud), §251 (data fraud), §§ 228–229 (privacy).

When does it applyreporting cybercrime to lögreglan and cert-is?

Online fraud, account takeover, identity theft, sextortion.Investment / crypto scam.Phishing / impersonation of Icelandic entities.SIM-swap fraud.

How do I report a cybercrime in Iceland?

Report at logreglan.is or 444 1000.Identify the Penal Code section. §250 (general fraud), §251 (data fraud), §228 (defamation), §229 (privacy / image-based).For systemic incidents, also notify CERT-IS.

What should you NOT doreporting cybercrime to lögreglan and cert-is?

Don't pay 'recovery agents' upfront.Don't post details on Icelandic social media before reporting.

More in Scams, Fraud & Money Recovery

First 24 Hours After Being ScammedThree jobs in parallel. Call your bank's fraud line — under Lög um greiðsluþjónustu (PSD2 via EEA), the bank must refund...Read more →Recovering Money from an Icelandic BankIceland's money-recovery framework is two-step. Step 1: bank complaint. Under Lög um greiðsluþjónustu nr. 114/2021 (PSD2...Read more →
← Browse all Scams, Fraud & Money Recovery

Last verified:

You came here to know your rights — help someone else know theirs.

Support This Mission