Safe Links is enabled intra-organization.

Why This Matters

When Safe Links is not enabled for intra-organization emails, malicious links sent between internal users bypass scanning entirely. This creates a blind spot where attackers can use compromised internal accounts to propagate phishing or malware links to other trusted users in your tenant.

What Aether365 Checks

This check verifies whether Microsoft Defender for Office 365 Safe Links policy is configured to scan links in emails sent between users within your organization. It appears in the Aether365 dashboard under microsoft-365 checks with a Medium severity rating.