Jun 04 2021 04:00 AM
Hi Team,
Recently we have seen an uptick in a phishing campaign which targets user's by using old email conversations as thread and includes a link to download malicious file. The link which is present in the email body is not having any prefix (https/http/www) due to which it is not recognized as a URL by MS and not being re-written (attaching screenshot for reference).
Is there any rule/condition/setting that can be used to detect & block such URLs/emails?