For twenty years we've trained people to be suspicious of email. Don't click the link. Check the sender. Hover before you tap. And it worked well enough that the people trying to scam your business went looking for a softer target — the one place your team doesn't have its guard up: the company chat.
If you run on Microsoft Teams, picture this. A message pops up from "IT Support" or a name that looks like a coworker. It's casual, it's inside your own system, and it asks someone to click a link to "verify their account" or open a file. Nobody taught your staff to distrust a Teams message the way they distrust email — and attackers know it.
What Microsoft just changed
Two things, and they're both good news for owners. First, since January, Microsoft has been turning on basic Teams protections by default — warning people when a chat link looks malicious, and blocking the file types attackers like to weaponize. Second, rolling out this month, there's a new Security Detection Report in the Teams admin area: a single dashboard that shows you the impersonation attempts, bad links, and dangerous files that tried to come through Teams — so someone can actually see what's being thrown at your people and shut it down.
The best part for a small business: this comes with the Teams licenses you already pay for. There's no new product to buy.
The honest version
I'm not going to oversell it. This is a smoke detector, not a sprinkler system. It tells you something's burning; it doesn't put out every fire. The protections only help if they're actually switched on, and the new report only helps if someone is actually looking at it. A dashboard nobody opens is just a screen. So the value here isn't the feature — it's whether someone on your side is paying attention to it.
The tools you already pay for are full of safety features sitting switched off, or switched on with nobody watching. This is one worth turning on — and assigning to a real person.
What to do this week
You don't need to configure anything yourself. You need three answers from whoever runs your technology — your in-house person or your IT provider:
- "Are Teams' built-in link and file protections actually turned on for us?" They've been on by default since January, but "default" and "confirmed" are not the same thing.
- "When the new Teams Security Detection Report shows up this month, who is going to look at it — and how often?" If the answer is "nobody, really," that's the gap to close.
- "Has anyone told our team that real IT will never send them a chat asking for a password or a quick login?" The technology helps, but a five-minute heads-up to your staff is still the cheapest security you'll ever buy.
Phishing is still the most common way a small business gets breached. The attackers simply changed rooms — from the inbox to the chat window. The good news is the locks for that room now come included. Someone just has to turn them, and keep an eye on the door.
— David
Sources
- Microsoft Learn — Link Protection in Microsoft Teams (included for all Teams users, no extra license)
- Microsoft 365 Roadmap — Teams admin "Security detections" report (Roadmap ID 560702, rolling out June 2026)
- AdminDroid — overview of the new Teams Security Detection Report (impersonation, malicious URLs, unsafe file types) (May 19, 2026)