You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-office-365/submissions-teams.md
+16-21Lines changed: 16 additions & 21 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -101,9 +101,19 @@ The value of this setting is meaningful only if message reporting is turned on i
101
101
102
102
For more information about user reported message settings in the Defender portal, see [User reported settings](submissions-user-reported-messages-custom-mailbox.md).
103
103
104
-
## How usersreport malicious messages in Teams
104
+
<aname="how-users-report-messages-in-teams"></a>
105
105
106
-
1. In the Microsoft Teams client, hover over the malicious message without selecting it, and then select **... More options**\>**Report this message**.
106
+
## How users report messages in Teams
107
+
108
+
> [!TIP]
109
+
>
110
+
> - Reported messages remain visible to users.
111
+
> - Users can report the same message multiple times.
112
+
> - Message senders aren't notified their messages were reported.
113
+
114
+
### Report malicious messages in Teams
115
+
116
+
1. In the Microsoft Teams client, hover over the malicious message without selecting it, and then select :::image type="icon" source="media/m365-cc-sc-more-actions-icon.png" border="false"::: **More options**\>**Report this message**.
107
117
108
118
:::image type="content" source="media/submissions-user-report-message-in-teams-client-click-path.png" alt-text="Screenshot of the Select path to report a message in the Microsoft Teams client." lightbox="media/submissions-user-report-message-in-teams-client-click-path.png":::
109
119
@@ -116,25 +126,12 @@ For more information about user reported message settings in the Defender portal
116
126
117
127
3. In the confirmation dialog that opens, select **Close**.
118
128
119
-
> [!NOTE]
120
-
> - The reported message remains visible to the user in the Teams client.
121
-
> - Users can report the same message multiple times.
122
-
> - The message sender isn't notified that messages were reported.
129
+
### Report non-malicious messages in Teams
123
130
124
-
## How users report non malicious messages in Teams
131
+
1. In the Teams chat or channel, hover over the message without selecting it, and then select :::image type="icon" source="media/m365-cc-sc-more-actions-icon.png" border="false"::: **More options**\>**Report this message**.
125
132
126
-
1. In the Teams chat or channel, locate the message that was flagged.
127
-
2. Hover over the message without selecting it.
128
-
3. Select ... More options > Report this message.
129
-
4. In the report dialog that opens, select Not a security concern.
130
-
5. Select Report to submit your feedback.
133
+
2. In the **report this message** dialog that opens, select **Not a security concern**, and then select **Report**.
131
134
132
-
133
-
> [!NOTE]
134
-
> - The reported message remains visible to the user in the Teams client.
135
-
> - Users can report the same message multiple times.
136
-
> - The message sender isn't notified that messages were reported.
137
-
138
135
## What happens after a user reports a message from Teams?
139
136
140
137
What happens to a user reported Teams message depends on the settings in the **Reported message destinations** section on the **User reported settings** page at <https://security.microsoft.com/securitysettings/userSubmission>:
@@ -151,12 +148,10 @@ For more information, see [User reported settings](submissions-user-reported-mes
151
148
- If you select **Send the reported messages to**\>**My reporting mailbox only**, reported messages don't go to Microsoft for analysis unless an admin manually submits the message from the **User reported** tab on the **Submissions** page at <https://security.microsoft.com/reportsubmission?viewid=user>. Reporting messages to Microsoft is an important part of training the service to help improve the accuracy of filtering (reduce false positives and false negatives). That's why we use **Send the reported messages to**\>**Microsoft and my reporting mailbox** as the default.
152
149
- Regardless of the **Send the reported messages to** setting, the following actions occur when a user reports a Teams message:
153
150
- Metadata from the reported Teams message (for example, senders, recipients, reported by, and message details) is available on the **User reported** tab on the **Submissions** page.
154
-
- The alert policies named **Teams message reported by user as a security risk** and **Teams message reported by user as a not security risk**generates an alert by default. For more information, see [Manage alerts](/defender-xdr/alert-policies#manage-alerts).
151
+
- The alert policies named **Teams message reported by user as a security risk** and **Teams message reported by user as a not security risk**generate alerts by default. For more information, see [Manage alerts](/defender-xdr/alert-policies#manage-alerts).
155
152
156
153
To view the corresponding alert for a user reported message in Teams, go to the **User reported** tab on the **Submission** page, and then double-click the message to open the submission flyout. Select :::image type="icon" source="media/m365-cc-sc-more-actions-icon.png" border="false"::: **More options** and then select **View alert**.
157
154
158
-
159
-
160
155
## View and triage user reported messages in Teams
161
156
162
157
As previously described, information about user reported messages in Teams is available on the **User reported** tab on the **Submissions** page at <https://security.microsoft.com/reportsubmission?viewid=user>. For more information, see [View user reported messages to Microsoft](submissions-admin.md#view-user-reported-messages-to-microsoft).
0 commit comments