Microsoft alerted Microsoft 365 admins that the phishing alert features will reach all users by mid-February, as Bleeping Computer reports. The new feature will be enabled by default and alert users when an attack is detected.
However, you can only see the phishing attack alerts if you have external Teams access, a feature that allows users in your organization to talk to others who are not part of your organization. Even though the rollout started in mid-November, it has not reached all users, but Microsoft hopes to achieve that goal by mid-February. Microsoft also advises users to familiarize themselves with the new high-risk Accept/Block screen.
If you get the message, you must preview it and decide whether to accept it. If you accept it, Microsoft will send you another warning message reminding you of the possible risk before you accept it again. Admins can also access the audit log to view the detected phishing attacks that employ this technique.
Suppose you don’t have the phishing alert feature yet and don’t need to communicate with anyone outside your team. In that case, it’s recommended that you turn off the feature from the Microsoft Teams Admin Center, followed by External Access. But if you need to use the feature, admins can add certain domains to an allowed list to reduce the risk of exploitation. Time will tell when the feature will reach all users, but hopefully, it’ll be soon. But when that time comes, threat actors such as the Russian group who bombarded a user’s email box with thousands of emails before calling and posing as an IT support worker are going to have a hard time reaching their goal.
Microsoft Teams has taken other measures to keep its users safe, such as the Safe Links feature that protects users against malicious links. We’ll see what other features it decides to add to Teams.
