Clarify instructions for reporting a suspected phishing email
It is a little unclear to me if an employee should both forward a suspicious email to phishing@ and then also report the email as phishing to GMail, or if we are to only execute one or the other. I made changes if we are to execute both.