Microsoft Teams is stepping up its security game with a new feature that alerts users when potentially dangerous links are shared in private messages. The update, currently in public preview, scans URLs shared in chats and channels and displays warning banners when links are flagged as spam, phishing, or malware.
The new protection is powered by Microsoft Defender for Office 365, the companyโs built-in security service for emails and documents. Now, this protection extends to all Microsoft Defender for Office 365 (MDO) and Microsoft Teams enterprise customers.
How it Works
If a URL has been flagged as spam, phishing, or malware, Teams will place a big warning banner on the message. Both the sender and recipient will see the alert, helping prevent accidental clicks that could lead to scams or infections.
“To help users stay protected from malicious content, we’re introducing message warnings in Microsoft Teams,” the company wrote in an incident alertย published in the Microsoft 365 message center on Wednesday.
“This new feature displays a warning banner on messages containing URLs flagged as Spam, Phish, or Malwareโwhether the message is internal or external. These warnings enhance user awareness and complement existing security protections like Safe Links and ZAP.”
Microsoft isnโt stopping at link warnings. The company is also giving IT administrators more control over malicious content. Soon, security admins will be able to block incoming communications from specific domains and even delete existing chat messages sent from blocked domains. These capabilities, managed through the Microsoft Defender portal, are designed to help organizations cut off threats quickly and prevent new ones from slipping through.
According to a recentย Microsoft 365 roadmap entry, the update began rolling out in public preview this September across desktop, web, iOS, and Android, and is expected to be available to all Teams users by November 2025, giving millions of people an extra layer of protection against phishing, spam, and malware.
During the preview period, admins can enable the feature via the Teams Admin Center > Message settings, and once fully released, malicious link warnings will be switched on by default, with options for IT managers to fine-tune the settings via Teams Admin Center or PowerShell.
Microsoft says the goal is to boost user awareness and reduce the risk of scams that have increasingly targeted collaboration platforms like Teams. With more than 320 million monthly active users worldwide, the app has become a favorite target for hackers who spread phishing links or malware disguised as legitimate content.
For everyday users, the takeaway is simple: Teams will check suspicious links for you, keeping you safe from scams without disrupting your daily chats.
