Phishing Email Incident Response Plan Form
Use this form to report a suspected phishing email and record the details needed to assess risk and coordinate response actions.
Incident Reporter Details
Full Name
*
First Name
Middle Name
Last Name
Work Email Address
*
example@example.com
Department / Team
*
Please Select
IT
Security
Human Resources
Finance
Operations
Sales
Marketing
Engineering
Customer Support
Other
Preferred Contact Method
*
Email
Phone
Chat
Phishing Incident Details
Date and time received
*
-
Month
-
Day
Year
Date
Hour Minutes
AM
PM
AM/PM Option
Email subject line
*
Sender address or display name
*
Affected mailbox / user
*
How was the email received?
*
Inbox
Spam/Junk
Forwarded
Other
Why does the email seem suspicious, and what actions have already been taken?
*
Response and Impact Tracking
Was any link clicked or attachment opened?
*
No
Link clicked
Attachment opened
Both link clicked and attachment opened
Were any credentials or sensitive details entered?
*
No
Yes, credentials entered
Yes, sensitive details entered
Unsure
Suspected impact severity
*
Please Select
Low
Moderate
High
Critical
Immediate actions taken
*
Isolated device
Changed password
Reported to IT/Security
Deleted the email
Blocked sender
Scanned device for threats
Contacted affected recipients
Other
Additional notes or follow-up needed
Submit Incident
Should be Empty: