Microsoft Teams: Forward messages with app cards

🚨 The Signal: Users can now forward Teams messages containing app cards. This increases the potential for sensitive information or malicious app links to be inadvertently shared, impacting data governance and security awareness.

The Impact

All Teams users are affected, increasing the risk of sensitive data exposure and the spread of malicious content via forwarded app cards.

• End Users: Increased risk of inadvertently forwarding sensitive data.
• Security Team: New vector for phishing or malware via malicious app links.
• Compliance Team: Greater challenge in maintaining data loss prevention policies.
• IT Admins: Potential for increased support requests related to oversharing.

The Action

1. Review existing Microsoft Teams DLP policies to ensure app card content is covered.
2. Communicate to users about the risks of forwarding app cards, especially from unknown sources.
3. Monitor Teams audit logs for unusual forwarding activity involving app cards.
4. Consider implementing sensitivity labels for Teams content to restrict forwarding of classified information.

Domain: Teams · Impact: medium · Workload: Teams