Scan Messages for Unsafe Links [CHK-1625]
This check verifies if the messages in Microsoft Teams are being scanned for unsafe links.
Rationale
Microsoft Teams is a common platform for communication within organizations. Attackers can exploit this by sending malicious links via Teams messages. Users often trust these messages more than emails, making them susceptible to clicking on unverified links. The Safe Links feature in Teams uses Microsoft Defender for Office 365 to check URLs in real-time when users click on them. If a link is identified as malicious, a warning is displayed to the user before the website opens, preventing access to phishing sites, malware, or other dangerous websites. Without this protection, users are vulnerable to attacks such as credential phishing, malware downloads, or business email compromise (BEC) attacks.
Fix
An automated fix is available through Attic.
Manual steps:
- Navigate to Microsoft Teams admin center https://admin.teams.microsoft.com
- Go to Messaging
- Go to Chat settings.
- Scroll to Message safety.
- Turn on "Malicious URL protection".
- Save the changes.
Impact
Enabling this feature will ensure that all URLs within Teams messages are checked for a malicious reputation, protecting users from potential cyber threats.