MC1227625 - User reported security signals in Teams admin center

Introduction

As part of our ongoing protection investments in Microsoft Teams, we will continue expanding the ways users can report suspicious or incorrect activity. Users can already report security concerns and incorrect detections in chats and channels (MC1037768, MC1147984), and more recently in calls (MC1223828). These user‑submitted reports help identify potential malicious activity and strengthen your organization’s security posture.

Building on this foundation, we will introduce new capabilities that allow Teams administrators to review and export user‑reported security submissions directly in the Teams admin center. A new Protection reports section will be added under Analytics and reports, giving admins unified visibility into user‑reported calls, chats, and channels.

This message relates to Microsoft 365 Roadmap ID 536571.

When this will happen

Phase 1 – User‑reported call data

• Targeted Release: Rollout will begin in mid‑March 2026 and complete in late March 2026.
• General Availability (Worldwide): Rollout will begin in mid‑April 2026 and complete in late April 2026.

Phase 2 – User‑reported chats and channels

• This phase will add message‑level reporting for security concerns and incorrect detections.
• The timeline will be communicated in a future update to this Message center post.

How this affects your organization

Who is affected: Teams administrators who have access to Analytics and reports in the Teams admin center.

What will happen:

• A new Protection reports section will appear under Teams admin center > Analytics & reports:

  

• Admins will be able to view and export data about user‑submitted security reports for calls (Phase 1) and later chats and channels (Phase 2).
• Reported interactions will begin populating once users submit reports.
• Admins will be able to review reported calls or messages and take appropriate action.
• Admins will be able to view 1‑day, 7‑day, and 30‑day reporting windows.
• This feature will require that user reporting settings be enabled in the Teams admin center.

What you can do to prepare

To ensure reporting data is available when rollout begins, verify that end‑user reporting features are enabled:

• Enable Report a call: Teams admin center > Calling settings
• Enable Report a security concern and Report incorrect detection: Teams admin center > Messaging settings
• Once enabled and users begin submitting reports, access data at: Teams admin center > Analytics & reports > Protection reports > User‑reported security submission
• Update internal documentation if your helpdesk relies on reporting workflows.
• If you maintain training or onboarding materials about Teams security practices, consider adding guidance on how users can report suspicious interactions.

Compliance considerations