...and that's something you don't want to do. You can still send the link in the email, but don't make it clickable - make them cut & paste the url into their browser. If they have to select, cut, paste, hit enter, and STILL don't notice it is sending them to maliciouslink.com/exploit.asp instead of yourwebsite.com/valid.html... well, you've done all you can for them.

You could send them a link to a nsfw shock site and I guarantee they'll start carefully reading links instead of blindly clicking them... but HR/legal departments probably wouldn't approve of that strategy.

Some malicious links get sneaky, disabling or displaying "OnMouseOver" text that is incorrect to hide the real link and/or typing out https.://YourNormalBank.com while actually linking to FakeBankSucker.com. If the link appears to be written out in the email, 90%+ will just click it and assume that is where they are going.