
Summary
This rule aims to detect potential exploitation of an open redirect vulnerability associated with the domain 'ssg-financial.com'. It identifies messages containing links to this domain that route users through the API path '/api/v1/track/click/'. The detection logic captures links carrying a 'redirecturl' parameter and, using a regex pattern, requires that the redirect target does not point back to 'ssg-financial.com'. It also checks the sender against a list of trusted sender domains and suppresses alerts for those senders unless the message fails DMARC authentication, which reduces false positives from reputable sources. The rule is relevant because open redirects can be abused in phishing campaigns, so it helps prevent credential theft and malware delivery. Matching events are classified as medium severity, reflecting a moderate risk to users and systems.
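The following is an added Python model of the detection logic described above; it is not the rule's own code or the vendor's query language. The trusted-sender list, the exact self-redirect regex, and the sample messages are constructed for illustration, since the page does not give them.

```python
import re
from urllib.parse import urlparse, parse_qs

TARGET_DOMAIN = "ssg-financial.com"
TRACK_PATH = "/api/v1/track/click/"

# Constructed placeholder list; the rule's real trusted-sender list is not on the page.
TRUSTED_SENDER_DOMAINS = {"trusted-partner.example"}

# Assumed regex for "points back to ssg-financial.com": the bare domain or any subdomain.
SELF_REDIRECT_RE = re.compile(r"^(?:[a-z0-9-]+\.)*ssg-financial\.com$", re.IGNORECASE)


def _host_of(url):
    """Lower-cased hostname of a URL, or '' when it cannot be parsed."""
    return (urlparse(url).hostname or "").lower()


def is_open_redirect_link(url):
    """True when a link matches the rule's link criteria:
    host is ssg-financial.com (or a subdomain), path is the tracking API,
    and a 'redirecturl' parameter sends the user somewhere else."""
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    if host != TARGET_DOMAIN and not host.endswith("." + TARGET_DOMAIN):
        return False
    if not parsed.path.startswith(TRACK_PATH):
        return False
    # Parameter names are compared case-insensitively; parse_qs decodes the value.
    targets = [v for k, vals in parse_qs(parsed.query).items()
               if k.lower() == "redirecturl" for v in vals]
    if not targets:
        return False
    # Any redirect target that does not resolve to ssg-financial.com is suspicious;
    # an unparsable target (empty host) is treated as not pointing back.
    return any(not SELF_REDIRECT_RE.match(_host_of(t)) for t in targets)


def message_alerts(sender_domain, dmarc_pass, links):
    """Apply the full rule: suspicious link present, and the trusted-sender
    exception only applies when the message passed DMARC."""
    if not any(is_open_redirect_link(u) for u in links):
        return False
    if sender_domain.lower() in TRUSTED_SENDER_DOMAINS and dmarc_pass:
        return False
    return True


# Constructed sample messages: (sender domain, DMARC passed, list of links).
SAMPLE_MESSAGES = [
    ("random-sender.example", True,
     ["https://ssg-financial.com/api/v1/track/click/?redirecturl=https%3A%2F%2Fphish.example%2Flogin"]),
    ("random-sender.example", True,
     ["https://ssg-financial.com/api/v1/track/click/?redirecturl=https://www.ssg-financial.com/statements"]),
    ("trusted-partner.example", True,
     ["https://ssg-financial.com/api/v1/track/click/?redirecturl=https://phish.example/"]),
    ("trusted-partner.example", False,
     ["https://ssg-financial.com/api/v1/track/click/?redirecturl=https://phish.example/"]),
    ("random-sender.example", True,
     ["https://ssg-financial.com/api/v1/other/?redirecturl=https://phish.example/"]),
]


def evaluate_samples():
    """Return the alert decision for each constructed sample, in order."""
    return [message_alerts(s, d, l) for s, d, l in SAMPLE_MESSAGES]


if __name__ == "__main__":
    for (sender, dmarc, links), hit in zip(SAMPLE_MESSAGES, evaluate_samples()):
        print(f"{'ALERT ' if hit else 'pass  '} sender={sender} dmarc={dmarc} {links[0]}")
```

The second sample shows why the self-redirect regex matters: a tracking link that lands back on the vendor's own site is normal traffic and should not fire. The third and fourth samples show the DMARC gate on the trusted-sender exception: the same link is suppressed for a trusted sender only while that sender's DMARC result holds up.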
Categories
- Web
- Cloud
- Endpoint
Data Sources
- User Account
- Network Traffic
- Application Log
Created: 2025-02-04