diff --git a/defender-office-365/secure-by-default.md b/defender-office-365/secure-by-default.md
index aa75fd2282..1bc6d09b56 100644
--- a/defender-office-365/secure-by-default.md
+++ b/defender-office-365/secure-by-default.md
@@ -5,7 +5,7 @@ f1.keywords:
 author: chrisda
 ms.author: chrisda
 manager: bagol
-ms.date: 07/09/2025
+ms.date: 12/18/2025
 audience: ITPro
 ms.topic: concept-article
 ms.localizationpriority: medium
@@ -39,7 +39,7 @@ However, security needs to be balanced with productivity. This balance includes:
 All organizations with cloud mailboxes automatically receive email protection. This protection includes:
 
 - Email with suspected malware is automatically quarantined. The quarantine policy used by the anti-malware policy controls whether recipients are notified. For more information, see [Configure anti-malware policies](anti-malware-policies-configure.md).
-- Email identified as high confidence phishing is handled according to the anti-spam policy action. See [Configure anti-spam policies](anti-spam-policies-configure.md).
+- Email identified as high confidence phishing is quarantined due to secure by default and the action configured for high confidence phishing in the relevant anti-spam policy.
 
 For more information, see [Default email protections for cloud mailboxes](eop-about.md).