What action should the cloud administrator take to protect accounts from potential compromises due to phishing emails?

To protect accounts from potential compromises due to phishing emails, notifying users who received the email to reset their passwords is a proactive measure. This action helps mitigate risk by ensuring that even if any of the users inadvertently provided their credentials to the attacker, the passwords are updated and rendered useless for the attacker.

When users reset their passwords promptly, it minimizes the time that a compromised account could be misused, thereby enhancing overall security. Additionally, informing users about the phishing attempt raises awareness and educates them about recognizing similar threats in the future, fostering a more security-conscious environment within the organization.

In contrast, simply changing the encryption key locks all users out of email without directly addressing the compromised accounts. It also creates unnecessary disruption, as users need to regain access without necessarily resolving any issues with potential phishing attacks.