Forum Discussion
Teams guest invitation emails pose serious (information leakage) risks
ITSChange I don't see how you would solve that. Adding the full name or email to the invite would only ever achieve a false sense of safety. The best solution would be if the invite was sent from the remote users mailbox, but that would also have other issues and I'm sure other competitors aren't able to do that.
Hi StevenC365, I completely agree as you might see in my message. Though this is a default way of working in Teams and Teams 'personal' and even in a case where you might expect an invitation, it's gives you now clue if this is the right person. In 'personal' (Windows 11) chats, it can even offer an phishing approach.
Additionally, with one or more externals, it's hard to identify where they come from/ who is who. Hovering over a (external Microsoft accounts) only shows a name and "External".
ITSChange I don't see how you would solve that. Adding the full name or email to the invite would only ever achieve a false sense of safety. The best solution would be if the invite was sent from the remote users mailbox, but that would also have other issues and I'm sure other competitors aren't able to do that.