Crossposted using Lemmit.

Original post from /r/sysadmin by /u/darking_ghost on 2023-07-07 14:50:29+00:00.


So I recently have seen some users (from multiple tenants) reporting that they received emails as such, https://snipboard.io/3GRm1S.jpg where it’s just an embedded image and embedded link (rather than HTML) redirecting to malicious sites, they use bitly, google ads, etc.

Is this something new? Is there anything I can improve in my policies?

We have anti-spam and phishing (Phishing threshold set to 3)setup as well as safe links, whenever something is detected it goes to quarantine)