By - Microsoft Teams is finally introducing a phishing alert function
- The feature will be generally available in mid-February 2025
- Hackers have been abusing external comms to hit organizations with malware and ransowmare
Microsoft Teams has long been a favorite target for hackers looking to infiltrate organizations by impersonating brands or network administrators, but that is all finally about to change.
Numerous threat actors have abused external access, with one Russian group ‘bombing’ a user’s email inbox with thousands of emails before pretending to be an IT support worker calling to help fix the spam, before gaining remote access and deploying malware.
A phishing warning for external messages has therefore been a long time coming, with the feature set to be introduced by Microsoft in mid-February 2025.
Phishing detector
The phishing threat alert was first rumoured in October 2024 in the Microsoft 365 roadmap, with a subsequent advisory added to the Microsoft 365 service update page stating the system would be generally available around mid-February 2025.
“This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to update any relevant documentation. We recommend that you educate your users on what the new high-risk Accept/Block screen means and remind users to proceed with caution.”
Phishing checks will happen every time a user receives a message from an external source for the first time, Microsoft added, further explaining that an ‘Accept or block’ prompt will appear over suspicious chats, with the user being reminded to recognize that the message could be phishy if they choose to click accept.
External access can be disabled in the Microsoft Teams Admin Center, preventing risky external communications entirely, but those who regularly need to use external messaging will have to remain extra vigilant until mid-February. Microsoft recommends that organizations train their employees to spot and report suspicious phishing emails and messages.
Via BleepingComputer
