ITS makes use of Gmail's compliance rules (that are defined by our Google Workspace administrators) to automatically quarantine incoming or outgoing emails.
A recent phishing trend is not to use any visible text in the message body and instead use an image contained within a hyperlink that directs to a malicious login page.
Thankfully all of these phishing emails were never delivered to inboxes, spam folders, etc. They matched an existing email compliance rule and were delivered in our organization's email quarantine.