An EU Delegation staff member in a third country receives a suspicious email that appears to come from the European External Action Service (EEAS) and requests access credentials for a Common Foreign and Security Policy (CFSP) meeting through a link to a fake login portal. According to the fundamental principles of cybersecurity and digital security applicable to the functioning of EU institutions, what is the correct action the staff member should take to protect the integrity of the information systems and sensitive data?