Don’t answer messages that read something like: “Our servers have been updated... Our security systems have been temporarily suspended and will be up again on... We are forced to ask for your cooperation to quickly restore the data in the new platforms... Connect to...” These are sophisticated technological mechanisms to get fraudulently e-mail addresses and other data, an illegal practice known as “phishing”.
Don’t answer even if you know the sender. If you are registered in a web page that must update its data, the most legitimate procedure is for the page to request it when you visit it, and not through an e-mail.
In the case of corporate e-mails, it is better for the company to establish specific security procedures that are totally different from “phishing”.
These suggestions are taken from my book Email at the workplace.