To reduce the risks of cyber incidents caused by phishing attacks, EUI is checking links to external websites via a service called Advanced Threat Protection (ATP). When you open the link, the email security system will check its threat status. If there is no risk detected, it will simply redirect your browser to the initial URL. In case the link doesn’t seem secure, the URL will be blocked.
Emails are one of the main instruments of cyber-attacks. To protect the EUI against threats, emails that come from outside are checked at entry into the EUI's IT systems. The EUI’s security system checks any web links that they contain, to ensure that the sites they point to are safe.
Attackers now commonly use web links that seem to point to inoffensive sites to defeat the security system. Moments after the messages have been successfully checked and delivered to their recipients' mailboxes, the attackers change the URL to carry malicious payloads. This means that even if a harmless message is delivered in your mailbox, it can be turned into a threat.
Would It Be Possible to Disable This Protection (i.e. Is There an Opt-out Mechanism)?
The purpose of rewriting URLs in emails is to protect information (both the EUI's and the users) and the whole IT environment. The URL rewriting and checking mechanism is therefore applied systematically, as part of the EUI's email services, as a matter of Information security. The original URL is contained in the rewritten URL, and can be recovered if needed (see Safe Links for more details).
For further information on this topic, please check Office 365 Advanced Threat Protection.