Email-link obfuscation (for whatever purpose) makes it nearly impossible to determine a real email from a phishing attempt. Even if you notice AFTER clicking the link that it is no good (i.e. before entering credentials).
My company used to mandate all emails are signed with AD-registered certificates to lend credibility, but they've moved away from that. (I think the reasoning was that webmail clients don't have robust support for S/MIME certs, but I'm not sure.)
My company used to mandate all emails are signed with AD-registered certificates to lend credibility, but they've moved away from that. (I think the reasoning was that webmail clients don't have robust support for S/MIME certs, but I'm not sure.)