Did You Accidentally Send an Email to the Wrong Person at Work?


How many times have you wished you could recall an email after sending it to the wrong person? Maybe you sent it to the wrong colleague, or even worse, someone outside your organization entirely.

With emails forming the main artillery of communication in most organizations, it is perhaps not surprising that misdirected emails were among the main causes of critical data loss in financial, legal and professional services firms in the UK in 2017.

The most common digital data security incident reported to the ICO was “data sent by email to the incorrect recipient, or failure to use bcc when sending email.”

#1: Try to recall the sent message

You've sent an email to the wrong person, how do you try to recall this email now, or prevent it being read by the wrong recipient?

If you send a message by accident, you can try to recall the message from the recipients by using the Recall This Message feature in Microsoft Outlook. The message recall feature lets you recall, replace, or delete messages that you have sent. This will only work if your recipient has not opened or seen your email yet and if they're using the same email server.

To recall or replace a message, follow these steps:

1. Locate the Sent Items folder

2. Open the message that you want to recall or replace

3. Click Actions on the ribbon or menu, and then click Recall This Message.

4. Enable the Delete unread copies of this message option to recall the message.

5. Or, enable the Delete unread copies and replace with a new message to replace the message with a new one.

6. To receive a notification about the success of the recall or replacement, enable the Tell me if recall succeeds or fails for each recipient option.

7. Click OK. If you chose the replace option, type your new message and send it.

#2: Ensure every email is sent with an email disclaimer

Email Disclaimers inform recipients about what they can and cannot do with the emails sent from your company. A humble request to inform the sender in case the message was intended for someone else will usually work. One of the most important things to mention in a good email disclaimer example is confidentiality. Simply speaking, it is to state that the message should be read only by the original recipient and that sharing its content is strictly forbidden.

#3: Automatically prevent emails ever being sent to the wrong person again

Tessian is an award-winning email security platform that helps enterprises counteract human error and prevent misdirected emails. Using advanced machine learning technology, Tessian analyses email networks and automatically prevents highly sensitive emails being sent to the wrong people. Some of the world’s leading organizations across the legal, financial, professional services sectors rely on Tessian as a critical component of their cybersecurity framework. Book a demo of Tessian here.

#4: Set up Undo - Send

  1. On your computer, open Gmail
  2. In the top right, click Settings 
  3. In the "Undo Send" section, check the box next to "Enable Undo Send"
  4. In the "Send cancellation period" section, set the amount of time you want to decide if you want to un-send an email
  5. At the bottom of the page, click Save Changes

Google released undo send within Gmail, but it is essentially just a feature which delays sending and gives you up to 15 seconds to actually decide if you do want to send the email. However if anything this just delays you and decreases email productivity further.

Emailing is such a familiar part of our daily lives that we don’t consider it to be as harmful as it can be. It is the main artery of communication for enterprises and governments, used to share the most highly classified and the most trivial of information.

Given the huge volumes of sensitive data traded every day by governments and businesses such as law firms, hedge funds, banks and medical clinics, the consequences of just one of these emails ending up in the wrong hands are extremely damaging. Not to mention the serious financial penalties of personal data breaches.

As of May 2018, when new GDPR legislation is enforced, organizations can be fined up to 4% of their global annual turnover for data breaches. In forcing businesses and governments to take accountability for the data they must protect, GDPR law also states that any personal data breach must be reported no later than 72 hours after becoming aware of it.

About Tessian

Tessian is building the world’s first Human Layer Security platform to fulfil our mission to keep the world’s most sensitive data and systems private and secure. Using stateful machine learning to analyze historical email data, Tessian’s Parallax Engine can predict for this user, at this point in time, does this email look like a security threat?

Book a demo to learn more about our email security platform.