Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
In organizations with Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR, admins can decide whether users can report malicious messages in Microsoft Teams. Security admins can also get visibility into the Teams messages that users are reporting.
Users can report messages in Teams from chats and channels for security concern and for incorrect detection.
User experience in Teams – Report Security Concern
Users who see a concerning chat or a channel message in Teams can report it as a security risk. To report a message:
Go to chat or channel message and select … > Report this message.
Select Security concern. Depending on the organization settings, you maybe asked to choose a reason for reporting the message.
Review the selections and select Report.
User reporting settings for Teams messages – Security Concern
'Report a security concern' reporting of messages in Teams is made of two separate settings:
- In the Teams admin center: 'On' by default and controls whether users are able to report messages from Teams. When this setting is turned off, users can't report messages within Teams, so the corresponding setting in the Microsoft Defender portal is irrelevant.
- In the Microsoft Defender portal: 'On' by default for new tenants. Existing tenants need to enable it. If user reporting of messages is turned on in the Teams admin center, it also needs to be turned on in the Defender portal for user reported messages to show up correctly on the User reported tab on the Submissions page.
Turn off or turn on user reporting for security concerns in Teams admin center.
- Sign in to the Teams Admin Center at https://admin.teams.microsoft.com.
- In the left navigation, select Messaging policies.
- Select a policy.
- Turn on the setting: Report a security concern.
- Select Save to apply the changes.
Learn about turning off or turning on user reporting of Teams messages in the Defender portal.
User experience in Teams – Report Not a Security Concern
Note
The feature 'Not a Security Concern' is in preview.
Users can report messages in Teams chats or channels that are incorrectly flagged by Link Protection as containing malicious URLs.
To report a message as not a security concern:
- In the Teams chat or channel, locate the message that was flagged.
- Hover over the message without selecting it.
- Select ... More options > Report this message.
- In the report dialog that opens, select Not a security concern.
- Select Report to submit your feedback.
User reporting settings for Teams messages – Not a Security Concern
Note
The feature 'Not a security concern' is in preview.
Incorrect detection (Not a security concern) reporting of messages in Teams is made of two separate settings:
- In the Teams admin center: The setting controls whether users are able to report incorrect detections on messages flagged as security risks from Teams. When this setting is turned off, users can't report messages within Teams, so the corresponding setting in the Microsoft Defender portal is irrelevant.
- In the Microsoft Defender portal: 'On' by default for new tenants. Existing tenants need to enable it. If user reporting of messages is turned on in the Teams admin center, it also needs to be turned on in the Defender portal for user reported messages to show up correctly on the User reported tab on the Submissions page.
Turn off or turn on user reporting for incorrect detections concerns in Teams admin center
- Sign in to the Teams Admin Center at https://admin.teams.microsoft.com.
- In the left navigation, select Messaging settings.
- Scroll down to Messaging safety settings.
- Turn on the setting: Report incorrect security detections.
- Select Save to apply the changes.
Learn about turning off or turning on user reporting of Teams messages in the Defender portal.