Microsoft Teams to Add Brand Impersonation Protection to Prevent Phishing Attacks
Brand impersonation protection automatically alert users about potential phishing attempts in Microsoft Teams chat.
Published: Jan 28, 2025
Key Takeaways:
- Microsoft Teams will alert users to brand impersonation attempts in external messages.
- This security feature will hit general availability next month.
- Admins should educate employees on the high-risk Accept/Block screen.
Microsoft has announced that the new brand impersonation protection feature will become generally available in Microsoft Teams next month. This security feature proactively alerts enterprise users to potential brand impersonation attempts in Teams chat messages.
Previously, enabling external access in Teams allowed users to receive messages from outside domains. Microsoft Teams would automatically scan these external senders for potential impersonation risks. Users receiving a chat invitation had the option to accept, block, or preview the message.
How does brand impersonation protection work in Microsoft Teams?
In Microsoft Teams, the brand impersonation protection feature automatically detects phishing attacks targeting organizations with external access enabled. It alerts users of potential brand impersonation attempts without requiring any admin configuration.
“If your company allows external domains to contact your users in Teams, we will identify if an external user is impersonating a brand commonly targeted by phishing attacks during their initial contact with your user through Teams Chat. If we detect potential impersonation, we will show a high-risk alert to the user, notifying them to check for suspicious name/email and proceed with caution,” the company explained on the Microsoft 365 admin center.
In this example, Microsoft Teams identified a message where the sender falsely claimed to be from Microsoft. However, the sender’s email address or domain didn’t match Microsoft, which indicates a potential impersonation attempt.
The brand impersonation protection feature will be enabled by default for all commercial customers. Microsoft advises administrators to educate employees about the new high-risk Accept/Block screen and encourage caution when deciding whether to accept or block messages.
In related news, Microsoft Teams has rolled out a new update that allows users to control where notifications appear on their screens. Microsoft is also adding a new feature that will let participants edit their display names during meetings.