@Marvin Rhoads wrote:Say an on-premises user logs into his or her cloud-based personal email account and clicks a link in a phishing email. (Assuming here your corporate email is already protected by an ESA and no phishing email ever arrive there.) ...