The "Direct Send" feature simplifies internal message delivery for trusted systems, and the campaign successfully duped both Microsoft Defender and third-party secure email gateways.