This has been doing the rounds of govt agencies here in Aus as well.

The ones we are seeing are coming from 'a user' at your own domain and the link in the email has text of www.<yourdomain>.gov.au

The concern is that users will see it is from an 'internal address' and with a link to an 'internal website' and click on it because they 'trust' the internal site. So far, besides the URL it gets redirected to (which as it says doesn't resolve) there is very little to block on.

The best thing to do at the moment for us is to block incoming email from our own domain as there should be no reason for email from internal sources should go through the mail gateway