Messages flagged as impersonation attempts are automatically quarantined or removed before reaching the inbox. Alerts may also be sent to users or IT teams with details on the threat and recommended follow-up actions.