MC1223828 - Microsoft Teams: Report a suspicious call

Message ID

MC1223828

View in Message Center

Service

Microsoft Teams

Microsoft Defender XDR

Published

Jan 29, 2026

Tag

New feature

User impact

Admin impact

Roadmap ID

536573

View in M365 Roadmap

Platforms

Desktop

Mac

Web

Summary

Microsoft Teams will introduce a "Report a Call" feature by mid-March 2026, allowing users to flag suspicious one-to-one calls. Reports share limited call metadata with organizations and Microsoft, viewable in Microsoft Defender portal or Teams Admin Center. The feature is enabled by default but can be disabled by admins.

More information

Introduction

As Microsoft Teams calling adoption continues to grow across organizations, scam and phishing attempts targeting users through voice calls are increasing as well. Currently, users have no simple way to report suspicious calls, leaving organizations without visibility into these threats and without clear guidance on how users should respond.

To address this gap, we're introducing Report a Call in Microsoft Teams. With this feature, users can flag suspicious or unwanted one-to-one calls directly in Teams, giving your security team actionable intelligence and helping build organization-wide protection against bad actors.

This message relates to Microsoft 365 Roadmap ID 536573.

When this will happen

Targeted Release: Rollout will begin in mid-March 2026 and will be completed in late March 2026.

General Availability (Worldwide): Rollout will begin in mid-April 2026 and is expected to be completed in late April 2026.

How this will affect your organization

Who is affected: Users who make or receive calls in Microsoft Teams on Windows, Mac, and Web.

What will happen:

A new Report a Call option will appear in Teams call history for one-to-one calls only (ON by default on the Teams client).
Users will be able to click more options next to any call and select Report a Call.
Relevant call metadata and limited contextual information will be securely shared with your organization and Microsoft.
Security teams will view detailed reported instances in the Microsoft Defender portal, which will require Defender for Office 365 (Plan 1 or Plan 2) or Defender XDR.
Information about user-submitted reports will be available in Teams Admin Center under Protection reports > User-reported security submissions.
Admins will be able to investigate and take appropriate action.

What you can do to prepare

While the reporting option is enabled by default on Teams clients, you can configure the Microsoft Defender portal to receive and access these reports or access basic submissions data in Teams admin center.

1. For enhanced reporting, enable the setting in the Microsoft Defender portal:

Navigate to User reporting settings.
Ensure the Teams call reporting setting is enabled.
Without this, detailed reported calls will not appear in the defender portal.

Alternatively, you can view reports in the Teams admin center:

Open Teams admin center > Analytics & Reports > Protection Reports.
Select User-reported security submissions from the drop-down.
Select the desired time period and interaction mode (Calls).

2. Prepare user communication:

Inform users about the new Report a Call option before rollout.
Clarify when to use it: suspicious calls, potential scams, unwanted calls from external parties.
Set expectations: reporting helps the organization, not just individual complaints.

To disable the experience on the Teams client:

In the Teams admin center, under Calling settings, disable the Report a Call toggle.

Compliance considerations

Data Processing:

Limited call-related metadata is processed when a user submits a report, including:

Call timestamp and duration
Caller ID information (if available)
Teams user IDs for participants
User's reason for reporting (if provided)