PRACTITIONER GUIDE | THREAT DEFENSE
Practitioner GuideUpdated 9 min read

Microsoft Teams Guest Access Security Risk: How Attackers Exploit Unprotected External Tenants

Teams Essentials
Microsoft plan with Teams access and no Defender for Office 365 -- usable as an attacker launch platform
Resource tenant
Security policies of the hosting tenant apply to Teams meetings but not necessarily to all message content
Cross-tenant access
Restrict which external tenants can access your Teams via Entra cross-tenant access settings

SponsoredRetool

Retool's new app builder is where AI-generated code ships safely

Building apps with AI is easy. Getting them to production safely is another story.

Start building for free today

Teams external collaboration is a legitimate and productive feature. The security gap comes from the architecture: Teams content security depends on which Defender for Office 365 policies are active, and policies are applied by the tenant where the content is processed. For files shared in Teams channels, SharePoint Online (your tenant) handles storage and scanning. For direct messages and chats, the scanning behavior is more nuanced and depends on the Defender for Office 365 configuration. Attackers have mapped this gap and use low-cost tenant accounts as a delivery vector for malicious content that bypasses enterprise-grade scanning.

Understanding the Attack Scenario

Attack setup: the attacker creates or controls a Microsoft 365 tenant with no Defender for Office 365 (Business Basic, Teams Essentials, or a trial tenant). From that tenant, they send a Teams message (via guest invite or external federation) to a target user in the enterprise tenant. The message contains a malicious URL or a SharePoint link pointing to a malicious file hosted on the attacker's tenant. Because the file is on the attacker's tenant (not the enterprise tenant's SharePoint), the enterprise tenant's Safe Attachments policy does not scan it. Because the URL is sent via Teams chat rather than email, it may not be processed by the enterprise tenant's Safe Links policy depending on the Defender for Office 365 configuration. The user clicks the link or downloads the file, believing it is from a legitimate Teams contact. The file or page executes malicious code on the user's endpoint. This attack was confirmed by Avanan (Check Point) researchers in 2022 and has been observed in real-world incident response cases. Microsoft has progressively improved Safe Links coverage for Teams links, but the coverage gap for cross-tenant SharePoint links in Teams messages persists in configurations that are not specifically hardened.

Verify Your Defender for Office 365 Teams Coverage

In the Microsoft 365 Defender portal (security.microsoft.com): Email and collaboration > Policies and rules > Threat policies > Safe Attachments. Verify a Safe Attachments policy exists that includes Microsoft Teams in its scope. Safe Attachments for Teams scans files shared in Teams channels, chats, and meeting files -- verify the policy is set to Block or Dynamic Delivery (not Off). In Safe Links: verify a Safe Links policy applies to Teams messages (the 'Microsoft Teams' toggle in the policy). Safe Links for Teams rewrites and time-of-click checks URLs sent in Teams messages -- this is the primary protection against malicious URLs in Teams chats. Gap: Safe Links rewrites URLs in Teams messages from addresses recognized as Microsoft-handled URLs. Links that redirect through external redirectors, URL shorteners, or legitimate but compromised websites may not be rewritten. Also check: Defender for Office 365 Safe Links does not scan URLs to SharePoint sites in other tenants the same way it scans web URLs -- clicking a link to files.microsoft.com/malicious-tenant may not trigger Safe Links protection.

Free daily briefing

Briefings like this, every morning before 9am.

Threat intel, active CVEs, and campaign alerts, distilled for practitioners. 50,000+ subscribers. No noise.

Restrict Which External Tenants Can Access Your Teams

The most direct defense is controlling which external tenants can communicate with your users via Teams at all. In the Teams admin center (admin.teams.microsoft.com): Users > External access. Configure External access settings: Allow all external domains (default, highest risk) allows any Microsoft 365 tenant to send messages to your users. Allow only specific external domains restricts to named partner organizations -- all other tenants are blocked. Block specific domains while allowing all others is the minimal restriction -- block known attacker infrastructure. For most enterprises: switch from 'Allow all' to 'Allow only specific external domains.' Maintain an approved list of partner tenant domains that your users legitimately collaborate with. This requires ongoing maintenance but significantly reduces the attacker surface. Guest access (users from another tenant invited as guests to your Teams and channels) can be separately controlled in the Teams admin center under Guest access settings and via Entra ID cross-tenant access settings.

User Guidance and Additional Technical Controls

Technical controls complement user guidance for Teams external access security. User guidance for Teams external collaboration: treat external contacts in Teams with the same skepticism as external email. Verify the identity of unexpected external contacts via a separate channel before clicking links or downloading files. Check the tenant domain of the external user (visible in Teams beside their name or in their profile) -- an unexpected or unfamiliar domain sending unsolicited files is a red flag. Technical controls beyond Defender configuration: Microsoft Defender for Cloud Apps (MDCA) session policies can intercept Teams downloads and scan them via MCAS's own malware scanning engine, providing an additional scanning layer for cross-tenant file access. Azure Communication Services Content Moderation and Teams Information Barriers can restrict which specific users in your tenant can be contacted by externals. Conditional Access policies that restrict Teams access for guests from specific high-risk tenant categories (consumer tenants, unverified domains) can be applied.

Monitor for Suspicious External Teams Interactions

Detection controls for Teams external access abuse: in Microsoft Defender XDR (unified security.microsoft.com), the Advanced Hunting table TeamsMessageEvents (in preview, available via Defender XDR Advanced Hunting) logs Teams messages including sender tenant domain, message content type, and attachments. Alert on: messages from newly registered or unrecognized external tenant domains containing file attachments or URLs. Multiple messages from the same external contact to different employees in a short time window (scanning for susceptible recipients). Messages containing URLs from the attacker's tenant domain (*.sharepoint.com of the attacker tenant). In the Microsoft 365 Unified Audit Log: search for ExternalSharingInvitationCreated and TeamsSessionStarted events involving unknown external domains. Integrate with your threat intelligence feed: if you have intelligence on attacker-controlled tenant domains, alert on any Teams communication from those domains.

The bottom line

Teams external access from unprotected tenants is a real delivery vector for malicious content that bypasses your Defender for Office 365 scanning. Verify Safe Attachments and Safe Links are configured for Teams. Restrict external access to approved partner domains rather than allowing all tenants. Train users to treat external Teams contacts with the same caution as external email. Monitor TeamsMessageEvents in Defender XDR for unusual cross-tenant file transfers.

Frequently asked questions

Does restricting external access to specific domains break legitimate Teams federation with partners?

Yes -- switching from 'Allow all external domains' to an allowlist requires adding every partner domain your users legitimately communicate with via Teams. Work with business units to inventory which external tenants they collaborate with before making the change. The transition creates a one-time inventory effort but produces a maintained access control list. Allow approximately two to four weeks for the partner domain inventory and testing before flipping to allowlist mode.

Is Teams guest access more dangerous than Teams external access (federation)?

They present different risk profiles. Guest access (user invited as a guest in your tenant's Teams or channels) gives the external user a presence in your directory and access to specific channels and files -- the scope is defined by what they are invited to. External access (federated messaging) allows any user in the federated tenant to send messages to your users without having a presence in your tenant -- the scope is broader (any user to any user) but the access depth is shallower (messages and calls only, no channel access). From a malicious content delivery standpoint, external federation is used for initial contact and malicious file delivery; guest access is more useful for persistence and lateral movement within your Teams environment.

Does Microsoft 365 E5 Safe Attachments scan files shared from external SharePoint?

Safe Attachments for SharePoint and OneDrive scans files in your tenant's SharePoint and OneDrive. Files hosted in an external tenant's SharePoint and accessed via a shared link are not scanned by your tenant's Safe Attachments policy -- they are scanned by the sending tenant's policies (or not at all if the sending tenant lacks Defender for Office 365). Microsoft Defender SmartScreen provides some protection at the browser level for known malicious URLs, but it does not replace Safe Attachments for scanning file content.

Can attackers create Microsoft 365 tenants easily enough for this to be practical?

Yes. Microsoft 365 Business Basic starts at a few dollars per user per month and can be purchased with a credit card. Free trials of Microsoft 365 (30-day) provide full Teams access. The barrier to creating an attacker-controlled tenant is extremely low. This is what makes the external tenant attack surface meaningful -- the attacker's tenant setup cost is negligible compared to the value of bypassing enterprise-grade Defender for Office 365 scanning.

How does Safe Attachments for Teams differ from Safe Attachments for Exchange Online?

Safe Attachments for Exchange Online scans email attachments in transit before they are delivered to the mailbox -- the scanning happens at the MX gateway level. Safe Attachments for Teams (part of Defender for Office 365 Plan 1) scans files shared in Teams channels and chats asynchronously after they are uploaded to SharePoint or OneDrive storage. There is a brief window between file upload and scan completion during which the file is accessible. For malware that is highly time-sensitive (files that self-delete after execution), this async window is a theoretical gap. The protection is effectively the same for most use cases -- files that scan as malicious are quarantined and the sharing link becomes inaccessible. Configure Safe Attachments for Teams in the Microsoft 365 Defender portal under Policies > Safe Attachments.

How do you restrict external tenant access in Microsoft Teams to specific trusted organizations rather than blocking all external communication?

External access in Teams is configured at two levels: tenant-level external access (controls federation with other Teams tenants) and guest access (controls B2B guest accounts within your tenant). To restrict to specific trusted organizations: in the Teams admin center under Users > External access, set 'External access' to 'Allow only specific external domains' and add the domains of your trusted partners. This allows Teams federation (external chat and calls) only with those named tenants. For a more granular approach using Entra ID B2B: disable the default Cross-Tenant Access setting that allows all inbound B2B from any tenant, then configure tenant-specific inbound access policies for each partner tenant that specify which of their users can be invited and what MFA requirements apply. Users from non-listed tenants will be blocked from joining Teams meetings as guests in your tenant. Monitor cross-tenant interactions via the Entra ID cross-tenant access activity workbook, which shows B2B sign-in patterns to identify unexpected external access from tenants not in your trusted list.

Sources & references

  1. Microsoft: Security in Microsoft Teams
  2. Microsoft: Safe Attachments for Teams

Free resources

25
Free download

Critical CVE Reference Card 2025–2026

25 actively exploited vulnerabilities with CVSS scores, exploit status, and patch availability. Print it, pin it, share it with your SOC team.

No spam. Unsubscribe anytime.

Free download

Ransomware Incident Response Playbook

Step-by-step 24-hour IR checklist covering detection, containment, eradication, and recovery. Built for SOC teams, IR leads, and CISOs.

No spam. Unsubscribe anytime.

Free newsletter

Get threat intel before your inbox does.

50,000+ security professionals read Decryption Digest for early warnings on zero-days, ransomware, and nation-state campaigns. Free, daily, no spam.

Unsubscribe anytime. We never sell your data.

Eric Bang
Author

Founder & Cybersecurity Evangelist, Decryption Digest

Cybersecurity professional with expertise in threat intelligence, vulnerability research, and enterprise security. Covers zero-days, ransomware, and nation-state operations for 50,000+ security professionals every morning.

Black Hat Giveaway

Win a $2,495 Black Hat pass.

Full-access to Black Hat USA 2026 in Las Vegas. Subscribe free to enter.

Joins Decryption Digest daily briefing. Unsubscribe anytime.

Giveaway: Black Hat USA 2026 Full-Access Pass ($2,495 value)

Details →
Daily Briefing

Subscribe to enter the giveaway

Every subscriber is automatically entered. You also get daily threat intel every morning: zero-days, ransomware, and nation-state campaigns. Free. No spam.

Already subscribed? You're already entered.

Giveaway

Win a $2,495 Black Hat USA 2026 pass.