Hello,

Since yesterday, MS 365 Defender is sending Alerts "User clicked a malicious link in Teams chat involving one user" or "A user clicked through to a potentially malicious URL​" and all links are related to out internal domain and it blocks only if ran from Outlook. We have adjusted all the policies and added domains in Allow Tenant option, but it keeps sending Alerts and blocks links as malicious one.

Have you had similar case?

Thanks.

Br,

Davor