You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-office-365/attack-simulation-training-teams.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -10,17 +10,17 @@ ms.localizationpriority: medium
10
10
ms.collection:
11
11
- m365-security
12
12
- tier2
13
-
description: Admins can learn about the addition of Microsoft Teams in delivering simulated phishing attacks in Attack simulation training in Microsoft Defender for Office 365 Plan 2.
13
+
description: Admins can learn about the addition in Microsoft Defender for Office 365 Plan 2 of delivering simulated phishing attacks in Attack simulation training to Microsoft Teams.
14
14
search.appverid: met150
15
-
ms.date: 3/15/2024
15
+
ms.date: 3/13/2025
16
16
appliesto:
17
17
- ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 2</a>
18
18
---
19
19
20
20
# Microsoft Teams in Attack simulation training
21
21
22
22
> [!IMPORTANT]
23
-
> Microsoft Teams' Attack simulation training is currently in Private Preview, and the intake for this preview is now closed. The information in this article is subject to change.
23
+
> Microsoft Teams' Attack simulation training is currently in Private Preview. The information in this article is subject to change.
24
24
25
25
In organizations with Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR, admins can now use Attack simulation training to deliver simulated phishing messages in Microsoft Teams. For more information about attack simulation training, see [Get started using Attack simulation training in Defender for Office 365](attack-simulation-training-get-started.md).
26
26
@@ -41,10 +41,10 @@ The addition of Teams in Attack simulation training affects the following featur
41
41
42
42
In addition to having user reporting for Teams messages turned on as described in [User reported message settings in Microsoft Teams](submissions-teams.md), you also need to configure the Teams accounts that can be used as sources for simulation messages in Attack simulation training. To configure the accounts, do the following steps:
43
43
44
-
1. Identify or create a user who's a member of the [Global Administrator](/entra/identity/role-based-access-control/permissions-reference#global-administrator)<sup>\*</sup>, [Security Administrator](/entra/identity/role-based-access-control/permissions-reference#security-administrator), or [Attack Simulation Administrator](/entra/identity/role-based-access-control/permissions-reference#attack-simulation-administrator) roles in Microsoft Entra ID. Assign a Microsoft 365, Office 365, Microsoft Teams Essentials, Microsoft 365 Business Basic, or a Microsoft 365 Business Standard license for [Microsoft Teams](/office365/servicedescriptions/teams-service-description). You need to know the password.
44
+
1. Identify or create a user who's a member of the [Global Administrator](/entra/identity/role-based-access-control/permissions-reference#global-administrator), [Security Administrator](/entra/identity/role-based-access-control/permissions-reference#security-administrator), or [Attack Simulation Administrator](/entra/identity/role-based-access-control/permissions-reference#attack-simulation-administrator) roles in Microsoft Entra ID. Assign a Microsoft 365, Office 365, Microsoft Teams Essentials, Microsoft 365 Business Basic, or a Microsoft 365 Business Standard license for [Microsoft Teams](/office365/servicedescriptions/teams-service-description). You need to know the password.
45
45
46
46
> [!IMPORTANT]
47
-
> <sup>\*</sup> Microsoft recommends that you use roles with the fewest permissions. Using lower permissioned accounts helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
47
+
> Microsoft recommends that you use roles with the fewest permissions. Using lower permissioned accounts helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
48
48
49
49
2. Using the account from Step 1, open the Microsoft Defender portal at <https://security.microsoft.com> and go to **Email & collaboration**\>**Attack simulation training**\>**Settings** tab. Or, to go directly to the **Settings** tab, use <https://security.microsoft.com/attacksimulator?viewid=setting>.
50
50
3. On the **Settings** tab, select **Manager user accounts** in the **Teams simulation configuration** section.
@@ -93,7 +93,7 @@ Whether you create a payload on the **Payloads** page of the **Content library**
93
93
94
94
- If you select :::image type="icon" source="media/m365-cc-sc-create-icon.png" border="false"::: **Create a payload** on the **Tenant payload** tab to create a payload, the first page of the new payload wizard is **Select type** where you can select **Teams**. Selecting **Teams** introduces the following changes to the rest of the new payload wizard:
95
95
96
-
- On the **[Select technique](attack-simulation-training-payloads.md#create-payloads)** page, the **Malware Attachment** and **Link in Attachment** social engineering techniques aren't available for Teams.
96
+
- On the **[Select technique](attack-simulation-training-payloads.md#create-payloads)** page, the **Malware Attachment**, **Link in Attachment**, and **How-to Guide** techniques aren't available for Teams.
97
97
98
98
- The **Configure payload** page has the following changes for Teams:
99
99
-**Sender details** section: The only available setting for Teams is **Chat topic** where you enter a tile for the Teams message.
0 commit comments