check before: 2025-09-01
Product:
Defender, Defender for Office 365, Defender XDR, Entra, Microsoft 365 admin center, Teams, Windows
Platform:
Android, iOS, Mac, Online, Web, Windows Desktop, World tenant
Status:
In development
Change type:
New feature, User impact
Details:
Summary:
Microsoft Defender for Office 365 will introduce message warnings in Microsoft Teams for messages containing URLs flagged as Spam, Phish, or Malware. Starting with a public preview in September 2025 and general availability in November 2025, warnings will appear for both recipients and senders, enabled by default and manageable via Teams Admin Center.
Details:
[Introduction]
To help users stay protected from malicious content, we're introducing message warnings in Microsoft Teams. This new feature displays a warning banner on messages containing URLs flagged as Spam, Phish, or Malware-whether the message is internal or external. These warnings enhance user awareness and complement existing security protections like Safe Links and ZAP.
This post is associated with Roadmap ID 502879.
This message center post was created in collaboration with Microsoft Teams and is related to the Teams post MC1148539.
Figure i. Recipient View: Users will find a warning banner on messages containing malicious URLs.
Figure ii. Sender View: Senders will also be notified if their message includes a flagged URL.
[When this will happen:]
Public Preview (Worldwide): Begins early September 2025 and completes by mid-September 2025.
General Availability (Worldwide): Begins early November 2025 and completes by mid-November 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview, Standard Release
Created:
2025-09-11
updated:
2025-09-11
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
User Awareness and Decision Making
Users may experience confusion or frustration if they receive warnings about malicious URLs without prior training or communication, potentially leading to distrust in the messaging system.
- roles: End Users, Helpdesk Support
- references: https://learn.microsoft.com/defender-office-365/mdo-support-teams-about, https://learn.microsoft.com/microsoftteams/malicious-url-protection-teams
Operational Disruption
Helpdesk teams may face an increase in support tickets related to the new warning feature, as users may not understand the implications of the warnings, leading to operational inefficiencies.
- roles: Helpdesk Support, IT Administrators
- references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=502879, https://learn.microsoft.com/microsoftteams/malicious-url-protection-teams
Compliance and Data Processing Changes
The introduction of message warnings may lead to changes in how data is processed and stored, which could raise compliance concerns if not properly communicated and managed.
- roles: Compliance Officers, IT Administrators
- references: https://learn.microsoft.com/defender-office-365/mdo-support-teams-about, https://learn.microsoft.com/microsoftteams/malicious-url-protection-teams
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
Enhanced User Training and Awareness
With the introduction of message warnings for malicious URLs, there is an opportunity to enhance user training programs focused on cybersecurity awareness. Training sessions can be developed to educate users on recognizing phishing attempts and understanding the importance of the new warning system. This proactive approach can significantly reduce the risk of falling victim to malicious attacks.
- next-steps: Develop a training curriculum that includes the new features of Microsoft Defender for Office 365, schedule training sessions, and create supporting materials such as guides and videos.
- roles: IT Security Team, Training Coordinators, All Employees
- references: https://www.csoonline.com/article/3572898/why-cybersecurity-awareness-training-is-more-important-than-ever.html, https://www.microsoft.com/security/blog/2021/02/09/the-importance-of-cybersecurity-awareness-training/
Integration with Helpdesk Systems
The new warning system presents an opportunity to integrate these alerts with helpdesk ticketing systems. This can streamline the process of reporting and addressing phishing attempts, allowing the IT support team to track incidents more effectively and respond to user concerns promptly.
- next-steps: Evaluate current helpdesk systems for compatibility, develop integration plans, and test the workflow to ensure seamless reporting and tracking of phishing alerts.
- roles: IT Support Team, Helpdesk Managers, System Administrators
- references: https://www.itproportal.com/guides/5-tips-for-optimizing-your-helpdesk-support-system/, https://www.zendesk.com/blog/help-desk-integration/
Utilization of Analytics for Threat Detection
The introduction of message warnings allows for the collection of data on flagged messages. This data can be analyzed to identify patterns in phishing attempts, which can enhance overall security posture and inform future security strategies. Leveraging analytics can help in predicting and preventing future attacks.
- next-steps: Set up a system for collecting and analyzing data from flagged messages, create reports to share insights with the security team, and adjust security measures based on findings.
- roles: Data Analysts, IT Security Team, Compliance Officers
- references: https://www.ibm.com/security/data-breach, https://www.forbes.com/sites/bernardmarr/2021/01/11/the-importance-of-data-analytics-in-cybersecurity/?sh=4b6c65d12a93
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 1 week ago ago
