MC910976 – (Updated) Microsoft Teams: Brand impersonation protection for Teams Chat

Microsoft Teams logo

check before: 2024-10-01

Product:

Teams

Platform:

Mac, Online, Windows Desktop, World tenant

Status:

Rolling out

Change type:

Admin impact, New feature, Updated message, User impact

Links:

421190

Details:

Summary:
Microsoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, especially during initial contact from external domains. Rollout begins late October 2024 for Targeted Release and mid-November 2024 for General Availability, completing by mid-February 2025. This feature will be enabled by default with no admin configuration needed.

Details:
Updated January 24, 2025: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution.
This message is associated with Microsoft 365 Roadmap ID 421190.
[When this will happen:]
Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024.
General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-February 2025 (previously mid-January).

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
Standard Release

Created:
2024-10-15

updated:
2025-01-25

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

linked item details

XXXXXXX ... free basic plan only

Pictures

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

User Confusion and Frustration
Users may be confused by the new high-risk alert system, leading to frustration and potential delays in communication as they navigate the Accept/Block flow.
   - roles: End Users, Support Staff
   - references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=421190

Increased Support Tickets
The introduction of the impersonation alerts may lead to an increase in support tickets as users seek clarification on the new feature and how to handle alerts.
   - roles: Support Staff, IT Administrators
   - references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=421190

Potential Communication Delays
Users may hesitate to accept messages from external contacts due to the new alerts, causing delays in communication and collaboration with external partners.
   - roles: End Users, Project Managers
   - references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=421190

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

User Education and Awareness Programs
With the introduction of brand impersonation protection, there is an opportunity to enhance user education regarding phishing risks and how to identify potential threats. Regular training sessions can empower users to recognize and respond to high-risk alerts effectively, thus improving overall security posture.
   - next-steps: Develop a training program that includes information on the new feature, how to recognize phishing attempts, and best practices for external communications. Schedule regular training sessions and create easy-to-access resources for users.
   - roles: IT Security Team, HR Training Department, Team Leaders
   - references: https://www.csoonline.com/article/3530762/how-to-train-employees-to-spot-phishing-scams.html, https://www.cisco.com/c/en/us/products/security/email-security/what-is-phishing.html

Enhanced IT Security Monitoring
The ability to check for impersonation attempts automatically provides a chance to enhance IT security monitoring practices. By analyzing audit logs for impersonation attempts, the IT department can identify patterns and potentially strengthen security measures against external threats.
   - next-steps: Establish a protocol for regularly reviewing audit logs generated by Teams for impersonation attempts. Identify trends and potential vulnerabilities, and adjust security policies accordingly.
   - roles: IT Security Team, Compliance Officers, IT Administrators
   - references: https://www.microsoft.com/en-us/security/blog/2020/02/19/how-to-use-audit-logs-in-microsoft-365" target="_blank" rel="nofollow noopener noreferrer">https://www.microsoft.com/en-us/security/blog/2020/02/19/how-to-use-audit-logs-in-microsoft-365/, https://www.csoonline.com/article/3530762/how-to-use-audit-logs-to-improve-your-security.html

Integration with Existing Security Tools
The new impersonation protection feature can be integrated with existing security tools (like SIEM systems) to provide a comprehensive view of external threats. This integration can enhance threat detection and response capabilities.
   - next-steps: Evaluate current security tools and determine compatibility with Microsoft Teams' audit logs. Work on developing integration points and ensure that alerts from Teams can be ingested into existing security monitoring systems.
   - roles: IT Security Team, System Administrators, Compliance Officers
   - references: https://www.ibm.com/security/information-security/what-is-siem, https://www.microsoft.com/en-us/security/blog/2020/02/19/how-to-use-audit-logs-in-microsoft-365" target="_blank" rel="nofollow noopener noreferrer">https://www.microsoft.com/en-us/security/blog/2020/02/19/how-to-use-audit-logs-in-microsoft-365/

Potentional Risks**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only

** AI generated content. This information must be reviewed before use.

a free basic plan is required to see more details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.



change history

DatePropertyoldnew
2025-01-25MC Last Updated01/06/2025 01:37:482025-01-24T23:53:44Z
2025-01-25MC MessagesUpdated January 5, 2025: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution.
This message is associated with Microsoft 365 Roadmap ID 421190.
[When this will happen:]
Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024.
General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-January 2025 (previously mid-December).
Updated January 24, 2025: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution.
This message is associated with Microsoft 365 Roadmap ID 421190.
[When this will happen:]
Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024.
General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-February 2025 (previously mid-January).
2025-01-25MC End Time02/28/2025 09:00:002025-04-07T10:00:00Z
2025-01-25MC SummaryMicrosoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, especially during initial contact from external domains. Rollout begins late October 2024 for Targeted Release and mid-November 2024 for General Availability, completing by mid-January 2025. This feature will be enabled by default with no admin configuration needed.Microsoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, especially during initial contact from external domains. Rollout begins late October 2024 for Targeted Release and mid-November 2024 for General Availability, completing by mid-February 2025. This feature will be enabled by default with no admin configuration needed.
2025-01-08MC Feature RingStandard Release, Targeted ReleaseStandard Release
2025-01-08MC Feature StatusLaunchedRolling out
2025-01-06MC MessagesUpdated November 27, 2024: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution.
This message is associated with Microsoft 365 Roadmap ID 421190.
[When this will happen:]
Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024.
General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-December 2024 (previously mid-November).
Updated January 5, 2025: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution.
This message is associated with Microsoft 365 Roadmap ID 421190.
[When this will happen:]
Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024.
General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-January 2025 (previously mid-December).
2025-01-06MC Last Updated11/28/2024 00:36:252025-01-06T01:37:48Z
2025-01-06MC SummaryMicrosoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, particularly during initial contact from external domains. This feature will be automatically enabled, with rollout phases starting late October 2024 for Targeted Release and mid-November 2024 for General Availability. No admin configuration is needed, and users will be prompted with high-risk warnings when impersonation is detected.Microsoft Teams is introducing a new security feature to alert users of potential brand impersonation in Teams Chat, especially during initial contact from external domains. Rollout begins late October 2024 for Targeted Release and mid-November 2024 for General Availability, completing by mid-January 2025. This feature will be enabled by default with no admin configuration needed.
2024-11-28MC MessagesComing soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution.
This message is associated with Microsoft 365 Roadmap ID 421190.
[When this will happen:]
Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024.
General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-November 2024.
Updated November 27, 2024: We have updated the rollout timeline below. Thank you for your patience.
Coming soon to Microsoft Teams: A new feature to enhance the security in external collaboration. If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution.
This message is associated with Microsoft 365 Roadmap ID 421190.
[When this will happen:]
Targeted Release: We will begin rolling out late October 2024 and expect to complete by late October 2024.
General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-December 2024 (previously mid-November).
2024-11-28MC TitleMicrosoft Teams: Brand impersonation protection for Teams Chat(Updated) Microsoft Teams: Brand impersonation protection for Teams Chat
2024-11-28MC Last Updated10/15/2024 00:53:152024-11-28T00:36:25Z
2024-11-28MC MessageTagNamesNew feature, User impact, Admin impactUpdated message, New feature, User impact, Admin impact
2024-11-06MC Feature RingTargeted ReleaseStandard Release, Targeted Release
2024-11-06MC Feature StatusRolling outLaunched
2024-10-31MC Feature RingTargeted Release
2024-10-31MC Feature StatusScheduledRolling out

Last updated 4 hours ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!