Microsoft Teams Adds Feature to Report Suspicious Calls
▼ Summary
– Microsoft Teams will introduce a “Report a Call” feature by mid-March, allowing users to flag suspicious one-to-one calls as potential scams or phishing attempts.
– The feature is enabled by default but can be disabled by administrators via the Teams Admin Center under “Calling settings.”
– When a call is reported, limited metadata like timestamps and caller ID is shared with the organization and Microsoft for review in the Defender portal or Teams Admin Center.
– The rollout begins for Targeted Release customers in mid-March, with general worldwide availability expected by late April.
– This is part of broader Teams security enhancements, including recent fraud protection features to warn users about impersonation attempts in calls.
Microsoft is introducing a new security function within its Teams platform, giving users a direct way to report calls they believe to be malicious. This “Report a Call” feature, set for a phased rollout beginning in mid-March, is designed to combat phishing and scam attempts that occur through voice communication. It provides a critical feedback loop, offering organizations much-needed visibility into these emerging threats.
The functionality will be accessible directly from the call history for one-to-one conversations on Windows, Mac, and web clients. Users can click “More options” beside any call entry and select the report option to submit their concern. When a report is filed, a limited set of metadata is shared with both the user’s organization and Microsoft. This data includes timestamps, call duration, caller ID details, and the Teams IDs of participants involved.
Currently, users have no simple way to report suspicious calls, leaving organizations without visibility into these threats. This new tool aims to close that gap. The feature will be enabled by default across tenants, though administrators retain control. Those who wish to disable it can do so by navigating to the Teams Admin Center and adjusting the setting under “Calling settings.”
The rollout will commence for Targeted Release customers around mid-March, with completion anticipated by the end of that month. General availability for all users worldwide is scheduled for late April. How organizations access the reported data will depend on their licensing. Security teams with Defender for Office 365 (Plan 1 or Plan 2) or Defender XDR licenses can view detailed reports within the Microsoft Defender portal. Organizations without these specific licenses will still have access to basic submission information through the Protection Reports section of the Teams Admin Center.
This call reporting capability is part of a broader push by Microsoft to enhance security within Teams. In November, the company launched a feature allowing users to report false-positive alerts from messages that were incorrectly flagged. More recently, administrators gained the ability to block external users directly via the Defender portal, a measure aimed at disrupting ransomware groups and other threat actors who abuse Teams for social engineering.
Additionally, new fraud protection features for Teams calls began rolling out in mid-February. These features are designed to warn users about external callers who may be attempting to impersonate trusted organizations, adding another layer of defense against sophisticated social engineering attacks.
(Source: Bleeping Computer)
