(Updated) Microsoft Teams: Report external users for security concerns

🚨 The Signal: Teams users can now report suspicious external users directly, enhancing threat detection. These reports centralise in the Teams admin center, improving visibility and enabling faster response to phishing and social engineering attacks.

The Impact

All Microsoft 365 tenants are affected, improving the security team's ability to detect and respond to external threats.

• Security Teams: Enhanced visibility into external user threats.
• Teams Admins: New reporting data to monitor and investigate.
• End Users: New capability to report suspicious external interactions.
• Organisation: Improved defence against phishing and impersonation.

The Action

1. Review existing incident response playbooks to incorporate Teams external user reports.
2. Communicate new reporting capability to end-users via internal security awareness campaigns.
3. Familiarise security operations centre (SOC) staff with the new reporting interface in Teams admin center.
4. Monitor Teams admin center for reported external users and integrate into existing threat intelligence processes.

Domain: Teams · Impact: medium · Workload: Teams