The security policy of a large company I work for blocks all figma links sent by mail. Their argument is that there is no way to know if a link is trustworthy, because it refers to the delivery provider and not to the domain it actually links to. A link in a figma mail typically starts like this:
They security team argues that this design choice facilitates pishing attacks and is increasingly exploited. Also see the following link:
SendGrid & Mailchimp Phishing Attacks: How Scammers Leverage Email Delivery Services To Their Advantage
Is there any way that figma mails contain the actual figma links? This problem makes countless workflows in the company inefficient.
Thank you for feedback and info on that topic!