Thoughts on dealing with hacked accounts...

No, not mine!  Other firms that email us and typically are running hosted Outlook/Exchange get broken into and then we get a flood of dodgy emails with links that will lead to dodgy downloads or malware.  Fortunately, our phishing training is helping and people here are usually deleting these. But has anyone found a way to block this type of garbage?