Microsoft Teams Adds Caller ID to Combat Brand Impersonation
▼ Summary
– Microsoft is adding a new “Brand Impersonation Protection” feature to Teams calls to warn users about external callers pretending to be trusted organizations.
– The feature, rolling out in mid-February, checks first-time external VoIP calls for impersonation signs and displays high-risk warnings before they are answered.
– These persistent warnings aim to prevent social engineering attacks where scammers pose as legitimate entities to steal information or money.
– The feature will be enabled by default, but Microsoft advises IT departments to prepare support staff and update training for the new alerts.
– This update is part of broader Teams security enhancements, including automatic malicious content detection and warnings about suspicious external domain traffic.
Microsoft is introducing a new security layer for its Teams platform designed to protect users from fraudulent calls. The upcoming feature, called Brand Impersonation Protection, will automatically scan incoming voice-over-IP calls from first-time external contacts for signs of impersonation. If a call is deemed suspicious, the system will display a clear warning to the user before they answer, helping to thwart social engineering scams where attackers pose as legitimate companies or government bodies.
This proactive defense mechanism checks for signals that a caller is falsely representing a trusted organization. The goal is to prevent the theft of sensitive data or financial resources through deception. The feature will be enabled by default for users in the targeted release program starting in mid-February, requiring no administrative action to activate. While individuals can still choose to accept, block, or end a flagged call, the alert may remain visible during the conversation if risk indicators continue.
According to a company update, this enhancement is part of Microsoft’s broader investment in caller identity protection and secure collaboration tools. It specifically aims to reduce social-engineering risks and bolster overall tenant security when users receive external calls from unknown numbers. The company advises organizations to prepare their support staff for potential questions about these new warnings.
IT departments should update their internal training materials and inform helpdesk teams that users may begin seeing high-risk call alerts. This preparation will ensure smooth adoption and user understanding of the new protective measures. The rollout aligns with other recent security upgrades for Teams, including the default enabling of malicious URL detection and protections against weaponizable file types, which began automatically for all users in January.
Microsoft is also developing a separate feature to alert administrators about suspicious traffic originating from external domains. These continued investments in security are critical for a platform of Teams’ scale, which sees over 320 million monthly active users. As digital collaboration remains essential, such features are vital for maintaining trust and safeguarding against increasingly sophisticated impersonation attacks.
(Source: Bleeping Computer)
