Favorite your Message Center and Roadmap items. Access them anytime via your Profile. Export and share with your team or your LLM.

(Updated) Microsoft Teams: Report external users for security concerns

Message ID
MC1309744
View in Message Center
Service
Microsoft Teams
Category
Stay Informed
Tags
New featureUser impactAdmin impact
Rollout
June 2026July 2026
Roadmap ID
560547
View in M365 Roadmap
Platforms
AndroidDesktopiOSMac

Summary

Microsoft Teams will enable users to report suspicious external users directly, with reports visible to admins in the Teams admin center for faster security response. This feature, rolling out mid to late June 2026, is enabled by default and supports investigation of phishing and impersonation risks.

Details

Updated May 28, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

To help organizations respond more quickly to external security threats, Microsoft Teams will allow users to report suspicious external users directly from Teams. These reports will surface in the Teams admin center, giving admins greater visibility into potentially risky interactions and enabling faster investigation and response. This enhancement will build on existing reporting capabilities and will use user signals as an additional layer of protection against phishing, impersonation, and social engineering attacks.

This message is associated with Microsoft 365 Roadmap ID 560547.

[When this will happen]

  • Targeted Release: We will begin rolling out in mid-June 2026 (previously early June) and expect to complete by late June 2026 (previously early June).
  • General Availability (Worldwide): We will begin rolling out in late June 2026 (previously mid-June) and expect to complete by early July 2026 (previously late June).

[How this affects your organization]

Who is affected

  • All Microsoft 365 tenants using Microsoft Teams
  • Users who interact with external users in Teams
  • Admins managing Teams security and reporting in the Teams admin center

What will happen

  • Users will be able to report suspicious external users directly in Teams, in addition to blocking them: 

    user settings

  • Reporting will be available during first time external chat requests and from an external user profile card.
  • Reporting will be supported across Teams experiences including chats, meetings, channels, and search results.
  • When a user is reported, the submission will appear in the Teams admin center under Protection reports > User reported security submission report

    user settings

  • Admins will be able to review reported users and investigate potential phishing, impersonation, or other suspicious activity.
  • Additional metadata will be available through report export to support investigation and response workflows.
  • This feature will be enabled by default and will respect existing Teams messaging policies.

[What you can do to prepare]

No action will be required if you want to keep user reporting enabled.

Admins may choose to take the following actions:

  • Review current Teams messaging policies and confirm that the Report a security concern setting remains enabled.
  • Familiarize security and helpdesk teams with the User reported security submission report in the Teams admin center.
  • Update internal security guidance or user education materials, if applicable.
  • If a malicious external user is identified through these reports, block that user at the tenant level using External access settings to prevent further communication attempts.

[Compliance considerations]

QuestionAnswer
Does the change store new customer data, and if so, where?Yes. Reports submitted by users about external users will be processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change alter how existing customer data is processed, stored, or accessed?Yes. User generated reports about external users are processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change provide a new way of communicating between users, tenants, or subscriptions?Yes. Users will be able to submit reports about external users, which will be communicated to tenant admins through the Teams admin center reporting experience.
Does the change alter how admins can monitor, report on, or demonstrate compliance activities?Yes. Admins will gain access to a new User reported security submission report in the Teams admin center, which will enhance monitoring and investigation capabilities related to external security threats.
Does the change include an admin control?Yes. The feature will be governed by the existing Report a security concern setting in Teams messaging policies and can be enabled or disabled by admins.

Change History

Show
Published: May 13, 2026
Last Updated: May 28, 2026
May 28, 2026 at 10:30 PM Updated
Summary
Previous
Microsoft Teams will enable users to report suspicious external users directly, with reports accessible to admins in the Teams admin center for faster security response. This feature, rolling out July–August 2026, is enabled by default, supports multiple Teams experiences, and is governed by existing messaging policies.
New
Microsoft Teams will enable users to report suspicious external users directly, with reports visible to admins in the Teams admin center for faster security response. This feature, rolling out mid to late June 2026, is enabled by default and supports investigation of phishing and impersonation risks.
Last Updated Date
Previous
2026-05-27T21:40:45.477Z
New
2026-05-28T20:05:26.067Z
Body Content
Previous

Updated May 27, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

To help organizations respond more quickly to external security threats, Microsoft Teams will allow users to report suspicious external users directly from Teams. These reports will surface in the Teams admin center, giving admins greater visibility into potentially risky interactions and enabling faster investigation and response. This enhancement will build on existing reporting capabilities and will use user signals as an additional layer of protection against phishing, impersonation, and social engineering attacks.

This message is associated with Microsoft 365 Roadmap ID 560547.

[When this will happen]

  • Targeted Release: We will begin rolling out in mid-July 2026 (previously early June) and expect to complete by late July 2026 (previously early June).
  • General Availability (Worldwide): We will begin rolling out in early August 2026 (previously mid-June) and expect to complete by late August 2026 (previously late June).

[How this affects your organization]

Who is affected

  • All Microsoft 365 tenants using Microsoft Teams
  • Users who interact with external users in Teams
  • Admins managing Teams security and reporting in the Teams admin center

What will happen

  • Users will be able to report suspicious external users directly in Teams, in addition to blocking them: 

    user settings

  • Reporting will be available during first time external chat requests and from an external user profile card.
  • Reporting will be supported across Teams experiences including chats, meetings, channels, and search results.
  • When a user is reported, the submission will appear in the Teams admin center under Protection reports > User reported security submission report

    user settings

  • Admins will be able to review reported users and investigate potential phishing, impersonation, or other suspicious activity.
  • Additional metadata will be available through report export to support investigation and response workflows.
  • This feature will be enabled by default and will respect existing Teams messaging policies.

[What you can do to prepare]

No action will be required if you want to keep user reporting enabled.

Admins may choose to take the following actions:

  • Review current Teams messaging policies and confirm that the Report a security concern setting remains enabled.
  • Familiarize security and helpdesk teams with the User reported security submission report in the Teams admin center.
  • Update internal security guidance or user education materials, if applicable.
  • If a malicious external user is identified through these reports, block that user at the tenant level using External access settings to prevent further communication attempts.

[Compliance considerations]

QuestionAnswer
Does the change store new customer data, and if so, where?Yes. Reports submitted by users about external users will be processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change alter how existing customer data is processed, stored, or accessed?Yes. User generated reports about external users are processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change provide a new way of communicating between users, tenants, or subscriptions?Yes. Users will be able to submit reports about external users, which will be communicated to tenant admins through the Teams admin center reporting experience.
Does the change alter how admins can monitor, report on, or demonstrate compliance activities?Yes. Admins will gain access to a new User reported security submission report in the Teams admin center, which will enhance monitoring and investigation capabilities related to external security threats.
Does the change include an admin control?Yes. The feature will be governed by the existing Report a security concern setting in Teams messaging policies and can be enabled or disabled by admins.
New

Updated May 28, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

To help organizations respond more quickly to external security threats, Microsoft Teams will allow users to report suspicious external users directly from Teams. These reports will surface in the Teams admin center, giving admins greater visibility into potentially risky interactions and enabling faster investigation and response. This enhancement will build on existing reporting capabilities and will use user signals as an additional layer of protection against phishing, impersonation, and social engineering attacks.

This message is associated with Microsoft 365 Roadmap ID 560547.

[When this will happen]

  • Targeted Release: We will begin rolling out in mid-June 2026 (previously early June) and expect to complete by late June 2026 (previously early June).
  • General Availability (Worldwide): We will begin rolling out in late June 2026 (previously mid-June) and expect to complete by early July 2026 (previously late June).

[How this affects your organization]

Who is affected

  • All Microsoft 365 tenants using Microsoft Teams
  • Users who interact with external users in Teams
  • Admins managing Teams security and reporting in the Teams admin center

What will happen

  • Users will be able to report suspicious external users directly in Teams, in addition to blocking them: 

    user settings

  • Reporting will be available during first time external chat requests and from an external user profile card.
  • Reporting will be supported across Teams experiences including chats, meetings, channels, and search results.
  • When a user is reported, the submission will appear in the Teams admin center under Protection reports > User reported security submission report

    user settings

  • Admins will be able to review reported users and investigate potential phishing, impersonation, or other suspicious activity.
  • Additional metadata will be available through report export to support investigation and response workflows.
  • This feature will be enabled by default and will respect existing Teams messaging policies.

[What you can do to prepare]

No action will be required if you want to keep user reporting enabled.

Admins may choose to take the following actions:

  • Review current Teams messaging policies and confirm that the Report a security concern setting remains enabled.
  • Familiarize security and helpdesk teams with the User reported security submission report in the Teams admin center.
  • Update internal security guidance or user education materials, if applicable.
  • If a malicious external user is identified through these reports, block that user at the tenant level using External access settings to prevent further communication attempts.

[Compliance considerations]

QuestionAnswer
Does the change store new customer data, and if so, where?Yes. Reports submitted by users about external users will be processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change alter how existing customer data is processed, stored, or accessed?Yes. User generated reports about external users are processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change provide a new way of communicating between users, tenants, or subscriptions?Yes. Users will be able to submit reports about external users, which will be communicated to tenant admins through the Teams admin center reporting experience.
Does the change alter how admins can monitor, report on, or demonstrate compliance activities?Yes. Admins will gain access to a new User reported security submission report in the Teams admin center, which will enhance monitoring and investigation capabilities related to external security threats.
Does the change include an admin control?Yes. The feature will be governed by the existing Report a security concern setting in Teams messaging policies and can be enabled or disabled by admins.
May 28, 2026 at 12:30 AM Updated
Title
Previous
Microsoft Teams: Report external users for security concerns
New
(Updated) Microsoft Teams: Report external users for security concerns
Summary
Previous
Microsoft Teams will enable users to report suspicious external users directly, with reports visible to admins in the Teams admin center for faster security response. This feature, rolling out June 2026, supports chats, meetings, and channels, is enabled by default, and integrates with existing messaging policies.
New
Microsoft Teams will enable users to report suspicious external users directly, with reports accessible to admins in the Teams admin center for faster security response. This feature, rolling out July–August 2026, is enabled by default, supports multiple Teams experiences, and is governed by existing messaging policies.
Last Updated Date
Previous
2026-05-13T23:09:34.400Z
New
2026-05-27T21:40:45.477Z
Tags
Previous
New feature,User impact,Admin impact
New
Updated message,New feature,User impact,Admin impact
Body Content
Previous

[Introduction]

To help organizations respond more quickly to external security threats, Microsoft Teams will allow users to report suspicious external users directly from Teams. These reports will surface in the Teams admin center, giving admins greater visibility into potentially risky interactions and enabling faster investigation and response. This enhancement will build on existing reporting capabilities and will use user signals as an additional layer of protection against phishing, impersonation, and social engineering attacks.

This message is associated with Microsoft 365 Roadmap ID 560547.

[When this will happen]

  • Targeted Release: We will begin rolling out in early June 2026 and expect to complete by early June 2026.
  • General Availability (Worldwide): We will begin rolling out in mid-June 2026 and expect to complete by late June 2026.

[How this affects your organization]

Who is affected

  • All Microsoft 365 tenants using Microsoft Teams
  • Users who interact with external users in Teams
  • Admins managing Teams security and reporting in the Teams admin center

What will happen

  • Users will be able to report suspicious external users directly in Teams, in addition to blocking them: 

    user settings

  • Reporting will be available during first time external chat requests and from an external user profile card.
  • Reporting will be supported across Teams experiences including chats, meetings, channels, and search results.
  • When a user is reported, the submission will appear in the Teams admin center under Protection reports > User reported security submission report

    user settings

  • Admins will be able to review reported users and investigate potential phishing, impersonation, or other suspicious activity.
  • Additional metadata will be available through report export to support investigation and response workflows.
  • This feature will be enabled by default and will respect existing Teams messaging policies.

[What you can do to prepare]

No action will be required if you want to keep user reporting enabled.

Admins may choose to take the following actions:

  • Review current Teams messaging policies and confirm that the Report a security concern setting remains enabled.
  • Familiarize security and helpdesk teams with the User reported security submission report in the Teams admin center.
  • Update internal security guidance or user education materials, if applicable.
  • If a malicious external user is identified through these reports, block that user at the tenant level using External access settings to prevent further communication attempts.

[Compliance considerations]

QuestionAnswer
Does the change store new customer data, and if so, where?Yes. Reports submitted by users about external users will be processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change alter how existing customer data is processed, stored, or accessed?Yes. User generated reports about external users are processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change provide a new way of communicating between users, tenants, or subscriptions?Yes. Users will be able to submit reports about external users, which will be communicated to tenant admins through the Teams admin center reporting experience.
Does the change alter how admins can monitor, report on, or demonstrate compliance activities?Yes. Admins will gain access to a new User reported security submission report in the Teams admin center, which will enhance monitoring and investigation capabilities related to external security threats.
Does the change include an admin control?Yes. The feature will be governed by the existing Report a security concern setting in Teams messaging policies and can be enabled or disabled by admins.
New

Updated May 27, 2026: We have updated the timeline. Thank you for your patience. 

[Introduction]

To help organizations respond more quickly to external security threats, Microsoft Teams will allow users to report suspicious external users directly from Teams. These reports will surface in the Teams admin center, giving admins greater visibility into potentially risky interactions and enabling faster investigation and response. This enhancement will build on existing reporting capabilities and will use user signals as an additional layer of protection against phishing, impersonation, and social engineering attacks.

This message is associated with Microsoft 365 Roadmap ID 560547.

[When this will happen]

  • Targeted Release: We will begin rolling out in mid-July 2026 (previously early June) and expect to complete by late July 2026 (previously early June).
  • General Availability (Worldwide): We will begin rolling out in early August 2026 (previously mid-June) and expect to complete by late August 2026 (previously late June).

[How this affects your organization]

Who is affected

  • All Microsoft 365 tenants using Microsoft Teams
  • Users who interact with external users in Teams
  • Admins managing Teams security and reporting in the Teams admin center

What will happen

  • Users will be able to report suspicious external users directly in Teams, in addition to blocking them: 

    user settings

  • Reporting will be available during first time external chat requests and from an external user profile card.
  • Reporting will be supported across Teams experiences including chats, meetings, channels, and search results.
  • When a user is reported, the submission will appear in the Teams admin center under Protection reports > User reported security submission report

    user settings

  • Admins will be able to review reported users and investigate potential phishing, impersonation, or other suspicious activity.
  • Additional metadata will be available through report export to support investigation and response workflows.
  • This feature will be enabled by default and will respect existing Teams messaging policies.

[What you can do to prepare]

No action will be required if you want to keep user reporting enabled.

Admins may choose to take the following actions:

  • Review current Teams messaging policies and confirm that the Report a security concern setting remains enabled.
  • Familiarize security and helpdesk teams with the User reported security submission report in the Teams admin center.
  • Update internal security guidance or user education materials, if applicable.
  • If a malicious external user is identified through these reports, block that user at the tenant level using External access settings to prevent further communication attempts.

[Compliance considerations]

QuestionAnswer
Does the change store new customer data, and if so, where?Yes. Reports submitted by users about external users will be processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change alter how existing customer data is processed, stored, or accessed?Yes. User generated reports about external users are processed and made available to admins for review and investigation, extending existing reporting workflows.
Does the change provide a new way of communicating between users, tenants, or subscriptions?Yes. Users will be able to submit reports about external users, which will be communicated to tenant admins through the Teams admin center reporting experience.
Does the change alter how admins can monitor, report on, or demonstrate compliance activities?Yes. Admins will gain access to a new User reported security submission report in the Teams admin center, which will enhance monitoring and investigation capabilities related to external security threats.
Does the change include an admin control?Yes. The feature will be governed by the existing Report a security concern setting in Teams messaging policies and can be enabled or disabled by admins.

Never Miss a Microsoft 365 Update

Join thousands of IT professionals who rely on DeltaPulse for real-time Microsoft 365 change intelligence, automated notifications, and community insights.

Explore Dashboard Sign Up Free