Microsoft will soon add new fraud protection features to Teams calls, warning users about external callers who attempt to impersonate trusted organizations in social engineering attacks.
Named “Brand Impersonation Protection,” the new Teams security feature will start rolling out to the targeted release ring in mid-February and will be enabled by default.
According to Microsoft, the feature checks incoming VoIP calls from first-time external contacts for signs of brand impersonation and displays high-risk call warnings before suspicious calls are answered.
While users can accept, block, or end flagged calls, these alerts may persist during conversations if suspicious signals persist. These warnings aim to prevent social engineering attacks where scammers pose as legitimate businesses or government agencies to steal sensitive information or money from targets.
“Brand Impersonation Protection for Teams Calling adds proactive safeguards against fraudulent or deceptive external callers who attempt to appear as trusted organizations,” Microsoft said in a Microsoft 365 message center update.
“This helps reduce social-engineering risks and improves tenant security when users receive first-contact external calls. This update aligns with Microsoft’s ongoing investments in caller identity protection and secure collaboration.”
Although the Brand Impersonation Protection feature activates automatically, without requiring admin actions, Microsoft advises customers to prepare their support staff for questions about the new warnings.
IT departments should also update internal training materials and inform helpdesk teams that users may begin seeing high-risk call alerts starting next month.
As Microsoft previously announced, Teams will automatically strengthen messaging security by default in January against malicious content by enabling malicious URL detection, weaponizable file type protection, and a system for reporting false positives.
Microsoft is also preparing to roll out a new feature that warns admins about suspicious traffic from external domains.
As Microsoft revealed during its 2024 Enterprise Connect conference, more than 320 million people use Teams each month.
As MCP (Model Context Protocol) becomes the standard for connecting LLMs to tools and data, security teams are moving fast to keep these new services safe.
This free cheat sheet outlines 7 best practices you can start using today.