How to report a suspected security incident at work
Reporting fast and early is what limits damage. You won’t be in trouble for raising a false alarm — the opposite.
- Report the moment you’re suspicious — a clicked link, an odd email, a strange prompt — don’t wait to be sure.
- Note what happened, when, and how it arrived, while it’s fresh.
- Contact your IT team or provider through your agreed channel — phone or ticket, not by replying to the suspect email.
- Don’t forward a suspicious email to colleagues ’to warn them’ — it spreads the risk; tell IT instead.
- Keep the device on but disconnected from the network unless told otherwise.
- Follow up to confirm it was received — silence is not confirmation.
Still stuck after those?
You’ve done the right thing by trying. Send whedo.it a quick note — what you tried, what you saw — and a senior pair of eyes will be on it the same business day.