
Summary
This rule detects suspicious Google Drive shares that may contain sexually explicit content or patterns indicative of spam. It flags shares originating from non-organizational domains that contain certain emojis or explicit keywords commonly associated with sexual content. The detection focuses on emails from 'drive-shares-noreply@google.com' and checks whether the sender's email domain is not in the organization's listed domains. The rule also runs a regex check against the subject line or email body for a range of sexually explicit keywords. If either of these conditions is met, the rule identifies the email as potential spam, so organizations can take appropriate action to mitigate the risks of inappropriate content sharing, particularly among users who may be vulnerable to social engineering tactics.
Categories
- Cloud
- Web
- Application
- Identity Management
Data Sources
- User Account
- Web Credential
Created: 2025-05-30