Microsoft Teams has added a new capability, allowing internal users to report security risks and concerns when interacting with external users in 1:1, group, and meeting chats. This enhancement is part of the user reported message feature in Teams.
Content
Timeline
The rollout should be completed in May 2025. This enhancement applies to Teams for Windows, Teams for Mac, and Teams for the web.
How does this affect your users?
After the rollout, users can hover over a chat message, select the More options (…) menu, and choose Report this message to flag security concerns in 1:1 chats, group chats, and meeting chats with external users. Conversations in shared channels are not supported at this time.
Users can see a short summary and report the message.
What admins should know?
First, the user reported message feature in Teams requires a Defender for Office 365 Plan 2 license or service plan.
Second, admins should verify two settings for the feature. Follow the Microsoft documentation to check both settings.
- As described here, check the setting to report a security concern in your Teams messaging policy. Microsoft has provided this setting for internal users since 2023, it’s enabled by default.
- As described here, check the report message configuration in the Defender security portal. This setting is on by default for new tenants, existing tenants need to enable it.
How can security people check the user submissions?
Open the Defender security portal > Actions & submissions > Submissions > User reported. Here, you will find all the user reported messages. You can submit the message to Microsoft or mark it as phishing or false/positive.
In addition, Defender can send an email about the reported message.
