Microsoft is rolling out a new security feature in Teams called Brand Impersonation Protection to help users avoid scam calls from external attackers who pretend to represent trusted organizations. The feature warns users when an unknown caller claims to be a brand such as a bank, government agency, or software company.
Cybercriminals increasingly target collaboration tools instead of email. They use social engineering tactics to trick employees into sharing sensitive data or transferring money. Microsoft aims to block these attacks directly at the call level inside Teams.
How Microsoft Teams Detects Brand Impersonation in Scam Calls
Teams automatically scans incoming VoIP calls from first-time external contacts. The system analyzes caller signals to detect signs of brand impersonation. When Teams detects suspicious behavior, it displays a high-risk warning before the user answers the call. Users can then choose to accept, block, or end the call.
See also: How to Install Microsoft Teams on All Devices (Windows, Mac, Android, iOS, Linux)
If the caller continues to show suspicious behavior during the conversation, Teams keeps the warning visible. This persistent alert helps users remain cautious instead of trusting the caller too quickly.
Microsoft designed this protection to stop scams where attackers pretend to represent legitimate businesses or government agencies to steal credentials, payment details, or confidential data.
Enabled by Default, No Admin Setup Required
Microsoft enables Brand Impersonation Protection automatically. Organizations do not need to configure policies or deploy additional tools. The feature activates as soon as Microsoft completes the rollout.
Although the system runs automatically, Microsoft advises organizations to prepare their support teams. IT departments should inform employees about the new warning messages and update internal training materials so users understand how to respond when alerts appear. Helpdesk teams should also prepare for user questions about the new security prompts.
New Security Enhancements in Microsoft Teams
Microsoft continues to strengthen Teams security across messaging and calling. The company recently enabled stronger protections against malicious URLs, dangerous file types, and false-positive reporting. Microsoft is also preparing new alerts for suspicious traffic from external domains. These measures work together to reduce phishing and social-engineering risks across the platform.
See also: Microsoft Teams Not Working on macOS Monterey 12.7.4? Fixes You Can Try
Teams now serves more than 300 million monthly users, which makes it a major target for attackers. Microsoft continues to invest in identity protection and secure collaboration to protect enterprise users at scale.
Rollout Timeline
Microsoft plans to begin rolling out Brand Impersonation Protection to the Targeted Release channel in mid-February. The feature will appear first on desktop platforms and expand gradually to more users as testing completes.
According to the roadmap:
- Rollout Start: February 2026
- Release Phases: Targeted Release first, followed by General Availability
- Platforms: Desktop and Mac
- Cloud Instances: Worldwide (Standard Multi-Tenant) and GCC
- Roadmap ID: 543239
Microsoft plans to introduce the feature gradually, starting with early adopters before expanding to broader enterprise availability.
