SAT Links being clicked by EMS : TrustLayer

SAT Links being clicked by EMS Print

Modified on: Wed, 3 Sep, 2025 at 10:18 AM

We have had a number of cases where customers have stated that Phishing/Spam simulations have been clicked by EMS when being processed. This will not be the case, as we do not have any systems that open URLs within emails. The issue will be caused by Office365 as it opens links when checking they are safe, and the customer will need to create an exclusion, as per the following KB article:
https://learn.microsoft.com/en-us/defender-office-365/safe-links-policies-configure

Example Cases:
https://trustlayer.freshdesk.com/a/tickets/80674

If you need a copy pasta, please use the below:
We do occasionally get this query, and to assure you we do not have any systems within EMS that opens URLs within an email. Our rewriting system, LinkScan, compares URLs to databases of known malicious URLs and provides a redirected splash page when the user opens/clicks the URL within the email.
We have found that O365 opens links with their rewriting system, and you will need to configure an exclusion based on the following KB article:
https://learn.microsoft.com/en-us/defender-office-365/safe-links-policies-configure

Once an exclusion has been configured, the issue should be resolved. However, do let me know if you have any queries.

Did you find it helpful? Yes No

SAT Links being clicked by EMS Print

Related Articles