Protection against viruses

We provide the maximum possible protection against viruses while maintaining the anonymity of the whistleblower. Sending a virus as an attachment is highly unlikely. For absolute safety, we recommend scanning the downloaded file with antivirus software before opening it.

How does sending attachments work in terms of security?

  1. The sender can only upload certain types of files as attachments. These allowed file types have been selected by us and are considered safe. They are standard file types that are not programmable.
  2. We check the file extension and mime-type of the attachment. The uploaded file is stripped of metadata and other information that could help identify the reporter and compromise anonymity.
  3. The attachment is encrypted along with the report and sent to the server. The server only stores the attachment and does not interact with it in any way.
  4. If an administrator wants to download the attachment, it is sent encrypted from the server, decrypted by the browser, and made available for download.

Factors preventing attacks: 

  • Only selected standard file types that are not programmable can be uploaded. (Exceptions are macros and executable JS in PDF.)
  • Headers and metadata are stripped from the files, and a virus attack would have to adapt to this. 
  • Attachments are encrypted and not opened or executed within the system. The administrator has the option to download the attachment and open it on their own system. The reporting system as a whole is secure, and once the downloaded file is checked with antivirus software, it can be opened without concern.


  • Due to the encryption of the attachment, it is not possible to integrate antivirus protection, which would have to be performed on the server where the unencrypted and non-anonymized file would be sent. This is an unavoidable compromise made with the goal of protecting the anonymity of the whistleblower and maintaining the confidentiality of the report.