Microsoft Teams: Opening Calls in a small window in Teams

🚨 The Signal: Microsoft Teams calls can now be opened in a small, floating window. This change aims to reduce user disruption during calls, but it introduces a new UI element that could be leveraged for social engineering or information overlay attacks.

The Impact

All Teams users are affected, with a low security risk related to potential social engineering or information overlay attacks.

• End users: Potential for distraction or misinterpretation of overlaid information.
• Security teams: Need to be aware of new UI for incident response and user education.
• Admins: No direct administrative action, but awareness for user support.

The Action

1. Review existing security awareness training modules for social engineering to include new UI elements.
2. Communicate to users about the new floating window feature and its intended use.
3. Monitor for any reported incidents involving the new call window behavior.

Domain: Teams · Impact: low · Workload: Teams