What is credential phishing?
Credential phishing is one of the most common cyber attacks. Attackers send emails that appear to come from a trusted source — your IT team, Microsoft, a bank, or a manager — to trick you into handing over your username and password.
What you should always remember
These rules apply to every employee, in every organisation, regardless of seniority or role.
Never share your password
No IT team, helpdesk, or provider will ever need your password. Not by email, phone, or chat. Ever.
Unexpected emails are suspicious
If you were not expecting the email — especially one asking you to click a link or log in — treat it as suspicious until verified.
Check the sender's real address
Display names can be faked. Always check the actual email address in the header — hover or tap the name to reveal it.
Use multi-factor authentication
MFA means that even if your password is stolen, an attacker cannot access your account without your second factor (e.g. an app notification).
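For IT staff who triage reported messages, the "Check the sender's real address" rule above can be applied automatically to a saved message. The sketch below is an added example, not part of the original guidance; the trusted domain, the list of impersonated names and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the domains your organisation really sends mail from.
TRUSTED_DOMAINS = {"example.com"}
# Assumption: identities attackers tend to claim in the display name.
IMPERSONATED_NAMES = ("it helpdesk", "it support", "microsoft")

def domain_of(address):
    """Return the lower-cased part after the last '@' (exact-match use only)."""
    return address.rpartition("@")[2].lower()

def sender_findings(raw_message):
    """Return the reasons the sender of a raw message looks spoofed."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    from_domain = domain_of(address)
    findings = []
    # 1. The display name claims a trusted identity, the real address is external.
    claims_trusted = any(name in display.lower() for name in IMPERSONATED_NAMES)
    if claims_trusted and from_domain not in TRUSTED_DOMAINS:
        findings.append("display-name-impersonation")
    # 2. The display name is itself an address that differs from the real one.
    embedded = re.search(r"[\w.+-]+@[\w.-]+", display)
    if embedded and embedded.group(0).lower() != address.lower():
        findings.append("address-in-display-name")
    # 3. Replies would go to a different domain than the visible sender.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != from_domain:
        findings.append("reply-to-mismatch")
    return findings

# Constructed sample modelled on the helpdesk message shown on this page.
SAMPLE_PHISH = (
    'From: "IT Helpdesk Team" <helpdesk@it-support.example.net>\n'
    "Reply-To: verify@collect.example.org\n"
    "Subject: Unusual activity on your account\n"
    "\n"
    "Dear User, please reply with your username and current password.\n"
)
# Constructed sample: same display name, sent from the trusted domain.
SAMPLE_OK = (
    'From: "IT Helpdesk Team" <helpdesk@example.com>\n'
    "Subject: Planned maintenance\n"
    "\n"
    "No action is required.\n"
)

if __name__ == "__main__":
    print(sender_findings(SAMPLE_PHISH))
    print(sender_findings(SAMPLE_OK))
```

An empty result only means these three checks found nothing; it does not prove the message is genuine.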
What a phishing email looks like
Phishing emails are designed to create urgency and appear legitimate. Here is an example of the kind of message you should never respond to.
Dear User,
We have detected unusual activity on your account. To prevent suspension, please reply to this email with your username and current password so our team can verify your identity immediately.
Failure to respond within 24 hours will result in your account being locked.
— IT Helpdesk Team
What to do if you receive a suspicious message
If you receive an unexpected email asking for credentials or account details, follow these steps immediately.
Do not reply and do not click any links
Even clicking an unsubscribe link can confirm your email address is active. Close the email without interacting with it.
Do not enter your password on any linked page
Phishing links often lead to convincing fake login pages that look identical to Microsoft, Google, or your company portal. Check the URL carefully before entering anything.
Report it to your IT team or manager immediately
Forward the email as an attachment (not just forwarded text) to your IT support team so they can investigate and warn others if needed.
Change your password if you think you may have been compromised
If you accidentally clicked a link or entered your details anywhere, change your password immediately and contact your IT support team right away. Enable MFA if it is not already active.
Contact The Cloud Network support
If you are a managed customer, call us on 0345 450 9666 and we will investigate, assess the impact, and help you secure your account as quickly as possible.
Dos and don'ts
Keep these in mind for every email you receive.
Do
- Verify unexpected requests by calling the sender directly using a known number
- Enable multi-factor authentication (MFA) on all accounts
- Use a unique, strong password for each account
- Report suspicious emails to your IT team or manager
- Check the full sender email address, not just the display name
Don't
- Reply to an email with your password or login credentials
- Click links in unexpected or suspicious emails
- Use the same password across multiple accounts
- Assume an email is safe because it looks professional or official
- Ignore suspicious emails — always report them
