check before: 2024-10-01
Product:
Teams
Platform:
Mac, Online, Windows Desktop, World tenant
Status:
Rolling out
Change type:
Admin impact, New feature, Updated message, User impact
Links:
Details:
Summary:
Microsoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, especially during initial contact from external domains. Rollout begins late October 2024 for Targeted Release and mid-November 2024 for General Availability, completing by mid-February 2025. This feature will be enabled by default with no admin configuration needed.
Details:
Updated January 24, 2025: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution.
This message is associated with Microsoft 365 Roadmap ID 421190.
[When this will happen:]
Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024.
General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-February 2025 (previously mid-January).
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Standard Release
Created:
2024-10-15
updated:
2025-01-25
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
User Confusion and Frustration
Users may be confused by the new high-risk alert system, leading to frustration and potential delays in communication as they navigate the Accept/Block flow.
- roles: End Users, Support Staff
- references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=421190
Increased Support Tickets
The introduction of the impersonation alerts may lead to an increase in support tickets as users seek clarification on the new feature and how to handle alerts.
- roles: Support Staff, IT Administrators
- references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=421190
Potential Communication Delays
Users may hesitate to accept messages from external contacts due to the new alerts, causing delays in communication and collaboration with external partners.
- roles: End Users, Project Managers
- references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=421190
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
User Education and Awareness Programs
With the introduction of brand impersonation protection, there is an opportunity to enhance user education regarding phishing risks and how to identify potential threats. Regular training sessions can empower users to recognize and respond to high-risk alerts effectively, thus improving overall security posture.
- next-steps: Develop a training program that includes information on the new feature, how to recognize phishing attempts, and best practices for external communications. Schedule regular training sessions and create easy-to-access resources for users.
- roles: IT Security Team, HR Training Department, Team Leaders
- references: https://www.csoonline.com/article/3530762/how-to-train-employees-to-spot-phishing-scams.html, https://www.cisco.com/c/en/us/products/security/email-security/what-is-phishing.html
Enhanced IT Security Monitoring
The ability to check for impersonation attempts automatically provides a chance to enhance IT security monitoring practices. By analyzing audit logs for impersonation attempts, the IT department can identify patterns and potentially strengthen security measures against external threats.
- next-steps: Establish a protocol for regularly reviewing audit logs generated by Teams for impersonation attempts. Identify trends and potential vulnerabilities, and adjust security policies accordingly.
- roles: IT Security Team, Compliance Officers, IT Administrators
- references: https://www.microsoft.com/en-us/security/blog/2020/02/19/how-to-use-audit-logs-in-microsoft-365" target="_blank" rel="nofollow noopener noreferrer">https://www.microsoft.com/en-us/security/blog/2020/02/19/how-to-use-audit-logs-in-microsoft-365/, https://www.csoonline.com/article/3530762/how-to-use-audit-logs-to-improve-your-security.html
Integration with Existing Security Tools
The new impersonation protection feature can be integrated with existing security tools (like SIEM systems) to provide a comprehensive view of external threats. This integration can enhance threat detection and response capabilities.
- next-steps: Evaluate current security tools and determine compatibility with Microsoft Teams' audit logs. Work on developing integration points and ensure that alerts from Teams can be ingested into existing security monitoring systems.
- roles: IT Security Team, System Administrators, Compliance Officers
- references: https://www.ibm.com/security/information-security/what-is-siem, https://www.microsoft.com/en-us/security/blog/2020/02/19/how-to-use-audit-logs-in-microsoft-365" target="_blank" rel="nofollow noopener noreferrer">https://www.microsoft.com/en-us/security/blog/2020/02/19/how-to-use-audit-logs-in-microsoft-365/
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
Date | Property | old | new |
2025-01-25 | MC Last Updated | 01/06/2025 01:37:48 | 2025-01-24T23:53:44Z |
2025-01-25 | MC Messages | Updated January 5, 2025: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution. This message is associated with Microsoft 365 Roadmap ID 421190. [When this will happen:] Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024. General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-January 2025 (previously mid-December). | Updated January 24, 2025: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution. This message is associated with Microsoft 365 Roadmap ID 421190. [When this will happen:] Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024. General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-February 2025 (previously mid-January). |
2025-01-25 | MC End Time | 02/28/2025 09:00:00 | 2025-04-07T10:00:00Z |
2025-01-25 | MC Summary | Microsoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, especially during initial contact from external domains. Rollout begins late October 2024 for Targeted Release and mid-November 2024 for General Availability, completing by mid-January 2025. This feature will be enabled by default with no admin configuration needed. | Microsoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, especially during initial contact from external domains. Rollout begins late October 2024 for Targeted Release and mid-November 2024 for General Availability, completing by mid-February 2025. This feature will be enabled by default with no admin configuration needed. |
2025-01-08 | MC Feature Ring | Standard Release, Targeted Release | Standard Release |
2025-01-08 | MC Feature Status | Launched | Rolling out |
2025-01-06 | MC Messages | Updated November 27, 2024: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution. This message is associated with Microsoft 365 Roadmap ID 421190. [When this will happen:] Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024. General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-December 2024 (previously mid-November). | Updated January 5, 2025: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution. This message is associated with Microsoft 365 Roadmap ID 421190. [When this will happen:] Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024. General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-January 2025 (previously mid-December). |
2025-01-06 | MC Last Updated | 11/28/2024 00:36:25 | 2025-01-06T01:37:48Z |
2025-01-06 | MC Summary | Microsoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, particularly during initial contact from external domains. This feature will be automatically enabled, with rollout phases starting late October 2024 for Targeted Release and mid-November 2024 for General Availability. No admin configuration is needed, and users will be prompted with high-risk warnings when impersonation is detected. | Microsoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, especially during initial contact from external domains. Rollout begins late October 2024 for Targeted Release and mid-November 2024 for General Availability, completing by mid-January 2025. This feature will be enabled by default with no admin configuration needed. |
2024-11-28 | MC Messages | Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution.
This message is associated with Microsoft 365 Roadmap ID 421190. [When this will happen:] Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024. General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-November 2024. | Updated November 27, 2024: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution. This message is associated with Microsoft 365 Roadmap ID 421190. [When this will happen:] Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024. General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-December 2024 (previously mid-November). |
2024-11-28 | MC Title | Microsoft Teams: Brand impersonation protection for Teams Chat | (Updated) Microsoft Teams: Brand impersonation protection for Teams Chat |
2024-11-28 | MC Last Updated | 10/15/2024 00:53:15 | 2024-11-28T00:36:25Z |
2024-11-28 | MC MessageTagNames | New feature, User impact, Admin impact | Updated message, New feature, User impact, Admin impact |
2024-11-06 | MC Feature Ring | Targeted Release | Standard Release, Targeted Release |
2024-11-06 | MC Feature Status | Rolling out | Launched |
2024-10-31 | MC Feature Ring | Targeted Release | |
2024-10-31 | MC Feature Status | Scheduled | Rolling out |
Last updated 4 hours ago