Attackers might attempt to use social engineering to trick Teams users in compromise. Trusted indicators help users understand the status of external users with difficult visual markers. The idea is that users will see the marker and realize that they should be less trusting in their communications. Sounds good. But maybe securing external access for Teams with a comprehensive block list is even better?
A recent report noted an increase in social engineering attacks through Teams federated chat. You can stop these attacks by limiting external access to an allow list of known domains, which is what I do. Or you can depend on the technology built into Teams to detect suspicious connections and remind users about potential risk. This now extends to connections from brands commonly targeted by phishers.
A setting in the Teams meeting policy controls whether users can access the meeting chat in meetings hosted by non-trusted external tenants. By default, the setting is On, meaning that users can participate in chat for any meeting they join in any tenant. If you have concerns about this aspect of meetings, turn the setting Off and define trusted tenants.
Microsoft Teams Connect now allows external (federated) people to join group chats. Federated participants come from other Microsoft 365 tenants. Previously, federated chats were only supported for 1:1 conversations, but as part of the effort to prepare for the introduction of shared channels (also based on federation), multiple external participants can join a group chat.
Teams supports federated chat with other users in Office 365 tenants using a feature called external access. It’s similar to the way that Skype for Business federated chat works, except that you can’t use emojis. Generally things work very well, which is nice when you want to reach out and communicate with someone externally.