diff --git a/detection-rules/body_microsoft_logo_bing_redirect.yml b/detection-rules/body_microsoft_logo_bing_redirect.yml
index f115d7d27f6..971e62d5e26 100644
--- a/detection-rules/body_microsoft_logo_bing_redirect.yml
+++ b/detection-rules/body_microsoft_logo_bing_redirect.yml
@@ -44,7 +44,10 @@ source: |
 )
 // Bing redirect
- and any(body.links, any(.href_url.rewrite.encoders, strings.contains(., "bing_open_redirect")))
+ and any(body.links,
+ (.href_url.domain.root_domain == 'bing.com' and .href_url.path =~ '/ck/a')
+ or "bing_open_redirect" in .href_url.rewrite.encoders
+ )
 and sender.email.domain.root_domain not in $org_domains
 and sender.email.domain.root_domain not in (
 "bing.com",