Issue
Microsoft Defender blocks by default any link that uses sendgrid.net, warning that the website is classified as Malicious, and that opening the link might not be safe.
Product
Twilio SendGrid (Email)
Cause
The default policy in Microsoft Defender is blocking websites associated with mass marketing, such as SendGrid. When Click Tracking is enabled and there is no link branding set up on the account (or there is no link branding associated with an specific sending domain), links are wrapped using sendgrid.net, starting as https://u*******.ct.sendgrid.net/ls/click?
Resolution
If Click Tracking is enabled on your account, our recommendation is setting up Branded Links for all your sending domains. However, this might sometimes lead to a similar blocking, although the cause of this new block will be different: The lack of a matching SSL certificate for the branded link. In this second scenario, the solution is following the steps to enable SSL Click tracking on the account.
Additional Information
You can refer to the following resources that are related to the actions or security errors mentioned in this article:
How to Disable or Turn Off Link Branding
Enabling SSL for Click and Open Tracking
Troubleshooting “ERR_CERT_COMMON_NAME_INVALID” Error for SSL