Learn what constitutes a security incident, why reporting is critical, and how to report effectively without fear.
Reporting a Security Incident
Early reporting of security incidents is one of the most impactful actions any employee can take. The faster IT is notified, the faster the damage can be contained — sometimes the difference between a minor incident and a major breach.
The Incident Reporting Decision Flow
✓ Key Point
When in doubt, always report. IT security teams would far rather investigate a false alarm than miss a real incident because someone wasn’t sure it was worth mentioning. You will never be in trouble for reporting something that turns out to be harmless.
What Counts as a Security Incident?
| Situation | Report? |
|---|---|
| Clicked a phishing link | YES — immediately |
| Entered credentials on a suspicious site | YES — immediately, change password too |
| Received unexpected MFA push requests | YES — your password may be compromised |
| Found a USB drive and plugged it in | YES — malware may have executed |
| Lost or had a work device stolen | YES — device must be remotely wiped |
| Emailed sensitive data to wrong person | YES — potential notifiable data breach |
| Noticed unusual activity on your account | YES — possible account compromise |
| Suspicious email you didn’t interact with | REPORT IT — use the “Report Phishing” button |
The Cost of Delayed Reporting
Barriers to Reporting (and Why They Are Wrong)
Many people don’t report because they feel embarrassed or fear consequences. This is exactly what attackers rely on.
⚠ Warning
“I’m scared of getting in trouble” — organisations have security incident policies precisely because mistakes happen. The person who covers up a phishing click and causes a full breach is in far more trouble than the person who immediately reported one.
“It was probably nothing” — let IT make that determination. Your job is to report; their job is to assess.
“I’ll wait and see if anything happens” — by then, it is too late. Credential stuffing attacks are automated and happen within minutes.
How to Report
Every organisation has a preferred reporting channel. Know yours before you need it:
- The “Report Phishing” button in Outlook or Gmail (if configured)
- Your IT helpdesk phone number or email
- A dedicated security@yourcompany email address
- Your manager, who escalates to IT
When you report, include:
- What happened and when
- What you clicked, opened, or entered
- Any unusual behaviour you observed afterwards
Something looks wrong right now?
Clicked something you shouldn’t have, or seeing activity you can’t explain? Every minute matters. Mobile Techs IT Service provides rapid incident response for Gold Coast businesses — containment, password resets, malware removal, and recovery — with no blame and no judgement. We can also set your business up before anything goes wrong: clear reporting channels, a simple incident plan, and staff who know exactly what to do. Home users welcome too — on-site or remote, anywhere in Australia.
Get incident help now → or call 1300 644 588

