Microsoft Introduces Phishing Protection for Teams Chat

Home/Internet Security, Microsoft, Regulation, Security Advisory, Security Update, Tips/Microsoft Introduces Phishing Protection for Teams Chat

Microsoft Introduces Phishing Protection for Teams Chat

Microsoft has introduced a new phishing protection feature for Teams to enhance cybersecurity.

The feature alerts users to potential impersonation risks in chats from external domains, a common phishing tactic.

It will roll out in phases, starting in late October 2024, with global availability by mid-February 2025.

New Phishing Protection Feature

Microsoft Teams’ popularity as a collaboration tool has made it a target for cybercriminals.

Organizations allowing communication with external domains are especially vulnerable to phishing, where attackers impersonate trusted brands to steal credentials, spread malware, or launch ransomware attacks.

Microsoft’s new security feature scans messages from external senders during first contact. If it detects brand or domain impersonation, it flags the message with a high-risk alert, prompting users to verify the sender’s name and email before responding.

The rollout will occur in two phases:

  • Targeted Release: Starting late October 2024 for select users to test and provide feedback.
  • General Availability: Global rollout begins mid-November 2024, completing by mid-February 2025.

Initially set for mid-January 2025, Microsoft has adjusted the timeline to ensure a smooth rollout of this security enhancement.

The new feature is enabled by default, requiring no action from IT admins. Organizations can track impersonation attempts via audit logs and should educate employees on recognizing alerts.

Phishing campaigns targeting Teams users, including those by groups like FIN7 and Storm-1811, have surged. These attackers impersonate IT staff, often using “email bombing” to overwhelm victims before initiating contact. Once trust is gained, they exploit Teams’ tools like Quick Assist or screen sharing to install malware, steal credentials, or deploy ransomware like Black Basta.

Between November 2024 and January 2025, over 15 incidents were reported, with activity peaking in early 2025.

Microsoft’s advanced phishing protection for Teams reflects a proactive effort to enhance security while maintaining a seamless user experience.

Post Views: 90
By | 2025-01-28T23:14:18+05:30 January 28th, 2025|Internet Security, Microsoft, Regulation, Security Advisory, Security Update, Tips|

About the Author:

FirstHackersNews- Identifies Security

Related Posts

Leave A Comment

Subscribe to our newsletter to receive security tips everday!