This is a real problem with so much stuff outsourced to external cloud providers. Used to be, if it was from the company intranet, no problem. Now every survey, every training thing, every new flavour of the month is from external mystery domains and then it wants your corporate credentials to log in. At my company they keep us sharp by running "fake phishing" campaigns to kind of gamify recognizing phishing emails. But this shouldn't be necessary for legitimate corporate stuff.