What to do if you find a malicious mail rule in Microsoft 365
What to do when you find a malicious mail filter in Google Workspace
Guide to triaging a potentially malicious mail rule
How to restrict external forwarding Microsoft 365
How does Push determine if a mail rule is suspicious?