Microsoft Teams is getting a new security upgrade aimed at tackling a growing and costly problem: brand impersonation during voice calls. Microsoft is rolling out Brand Impersonation Protection for Teams Calling, a feature designed to help users identify and avoid suspicious external calls that pretend to come from trusted companies or organizations.
This move comes as social-engineering scams continue to evolve, with attackers increasingly targeting collaboration platforms where people naturally expect legitimate business communication.
What Is Brand Impersonation Protection?
Brand Impersonation Protection is a built-in safeguard that analyzes incoming external VoIP calls and looks for signals that suggest fraud or impersonation. These calls often attempt to mimic well-known brands, internal IT teams, or business partners in order to gain trust quickly.
When Teams detects a potential risk, it doesn’t block the call automatically. Instead, it gives users clear warnings so they can make an informed decision before engaging. The goal is awareness and prevention, not disruption of legitimate communication.
When the Feature Is Rolling Out
Microsoft plans to introduce this feature in stages:
- Targeted release: Mid-February 2026
- Wider rollout: By late February 2026
Once available, Brand Impersonation Protection will be enabled by default for organizations that use Teams Calling. Administrators won’t need to configure or activate anything, which means protection begins as soon as the feature reaches a tenant.
How the New Call Warnings Work
Teams will automatically evaluate inbound calls from external sources for signs of impersonation or scam behavior. If a call is flagged as high risk, users will see a warning before they answer.
At that point, they can:
- Accept the call if they believe it’s legitimate
- Block the caller
- End the call immediately
In some cases, warnings may remain visible during the call if suspicious indicators continue to appear. This persistent alerting helps users stay cautious even after the conversation has started.
Why This Update Matters
Cybercriminals increasingly rely on caller ID spoofing and social-engineering tactics to bypass traditional technical defenses. By pretending to be trusted brands, help desks, or colleagues, attackers pressure victims into sharing credentials, approving requests, or revealing sensitive information.
Collaboration tools like Teams are especially attractive targets because they’re used for real-time business communication. Microsoft has previously acknowledged that attackers exploit impersonation, phishing, and message manipulation within such platforms. Adding call-level warnings directly addresses a key gap where voice communication has often been less protected than email or chat.
Part of a Broader Security Push
Brand Impersonation Protection is not a standalone effort. It fits into Microsoft’s wider strategy to strengthen Teams security, which already includes:
- Detection of domain and brand impersonation in chat messages
- Blocking or flagging malicious links and unsafe file types
- Built-in tools that allow users to report suspicious activity directly from Teams
Together, these measures aim to make Teams a safer environment without slowing down everyday work.
What Organizations Should Do Next
Although no setup is required, organizations should prepare users for the change. Helpdesk teams should know why new warnings may appear, and employees should be trained on how to respond to suspicious external calls. Clear guidance can ensure that these alerts are taken seriously—and that legitimate communication continues smoothly.
Overall, this update represents a practical step toward reducing voice-based scams in modern workplaces.
