Insights Data loss prevention recall
9 min read

Uh oh. You've sent an email to the wrong person: Here's what to do

Before we discuss what to do if you send an email to the wrong person, let’s do a quick reality check. We know that mistakes happen - more often than you might realize. In fact, in a survey of over 6,000 employees, a significant 62% admitted to making email errors.

Failure to prepare is preparing to fail, so knowing what to do when the worst happens could help you to avoid a major data leak. Because even when the worst happens (and sending an email to the wrong person can sometimes feel like the worst thing imaginable), a data leak can be avoided. We're here to share the tricks of the trade so you know how to take control and prevent a data leak. 

Can I delete an email I sent to the wrong person? 

While you can’t necessarily delete an email that’s already been sent, you can try to recall or undo the action, depending on the email provider you’re using.

Email clients like Outlook have a recall feature, and Gmail has an undo option. However, these options come with their own limitations. Factors such as the timeframe, the recipient not using the same email client, or the email being opened can hinder recall attempts. This is why it’s important to act quickly and follow up with additional steps if the recall is not successful.

How to use the recall feature in emails 

If you’re using an email client like Microsoft Outlook or Gmail, you may have the option to recall the email. Here’s how to do so on both platforms:

Recalling an email in Microsoft Outlook

Outlook offers a message recall feature, but it only works under certain conditions. The recipient must be using Outlook and be on the same email server. To recall the email, you need to:

  1. Go to the "Sent Items" folder
  2. Open the email you want to recall
  3. Click on "Actions" in the "Move" group on the ribbon
  4. Select "Recall This Message”
  5. Choose whether you want to delete the unread copies of the email or replace the email with a new message
  6. Click "OK"

Keep in mind that this feature is not foolproof and may not work if the recipient has already opened the email or if they are using a different email client.

How to undo emails in Gmail

Gmail provides an "Undo Send" feature, which allows you to recall an email immediately after sending it. You need to enable this feature in your settings but it only works within a short time frame after sending the email (up to 30 seconds). 

Right after you send a message: 

  • In the bottom left, you’ll see “Message sent” and the option to “Undo” or “View message”
  • Click Undo

If you don’t have this feature enabled in Gmail: 

  • Go to Gmail settings
  • Find the Undo Send section and set the cancellation period of 5,10, 20, or 30 seconds
  • At the bottom, click “Save changes”

What are the next steps? 

In both Gmail and Outlook, recalling an email isn’t user-friendly or fail safe. So, when a recall isn't possible or fails, it's vital to manage the data loss effectively.

1. Contact the recipient 

Immediately reach out to the unintended recipient. Politely request that they delete the email without reading it and not open the attachments.

2. Assess the impact

Determine the sensitivity of the information sent and the potential repercussions. Consider the following questions:

  • What type of data was sent? Was it personal, financial, or proprietary information?
  • Who was the unintended recipient? Are they internal to the organization or an external party?
  • What could be the potential impact? Consider legal, financial, and reputational risks.

3. Communicate transparently


It’s important to notify affected parties and stakeholders about the breach as soon as possible. We understand that this isn’t an ideal situation and you may feel guilty or worried, but transparency helps maintain trust and ensures compliance with data protection regulations such as GDPR and CCPA. So make sure you:

  • Inform your data protection team and management about the incident
  • If required, notify clients, customers, or partners affected by the breach

4. Implement new security measures

To ensure that this doesn’t happen again, changes need to be made within your organization. Implementing an email security tool is essential. Solutions like Zivver enhance email clients such as Outlook and Gmail with data loss prevention tools, reporting suites, and advanced encryption protocols, all of which support the continuous improvement of your security policies and procedures.

This ultimately helps minimize risks and ensures the integrity and confidentiality of sensitive information. 

How can Zivver prevent sending emails to the wrong person? 

Zivver is designed to help organizations securely send emails and share files. Here’s how our tool can help your organization prevent this from happening again: 

Recipient confirmation prompts

Zivver Secure File  and Zivver Secure Email features prompt users to verify recipient email addresses and to double check the contents of emails and attachments before sending emails containing sensitive information. This added step helps ensure that emails are sent to the correct recipients and reduces the risk of human error.

Email recall capabilities 

Revoke access - Gmail - 4751x3406px (2)

Zivver’s recall feature allows users to instantly and definitively revoke access to emails and files after sending. This feature isn’t only reassuring for potentially missent emails, but provides the sender with confidence that data can be controlled long after it has been shared. 

Two-factor authentication (2FA)

Two-factor authentication requires recipients to verify their identity before accessing the email. This ensures that even if the email is sent to the wrong address, unauthorized individuals cannot access its contents without the second authentication factor.

Outlook_Backgrounds_4751x3406px_AW_ 2FA VERIFICATION

Real-Time Data Leak Prevention (DLP)

Zivver’s DLP capabilities monitor outgoing emails for sensitive information and prompts users to check and confirm their actions before sending. This real-time scanning helps prevent accidental data leaks by alerting users to potential issues, such as sending sensitive information to the wrong recipient.

Secure communication channels

All emails sent via Zivver are secured with end-to-end and zero access encryption. This means that even if the email is sent to the wrong person, the content remains encrypted and unreadable without the proper decryption keys, which only the intended recipient has.

Detailed audit trails

Outlook_Backgrounds_4751x3406px_AW_PROOF OF DELIVERY

Zivver provides detailed logs of all actions related to an email, including when it was sent, opened, and by whom. This transparency allows Chief Information Security Officers (CISOs) to monitor email activities, identify patterns and anomalies, enhance incident response, and ensure compliance by having accurate records to meet regulatory requirements and demonstrate adherence to data protection laws.

Turn a mistake into an opportunity for improvement 

Sending confidential information to the wrong email address can be a stressful and potentially damaging mistake, but knowing how to respond can mitigate the risks. By understanding the limitations of email recall features, taking immediate corrective actions, and leveraging email security tools, your organization can manage such incidents effectively and maintain trust and security.

Ready to ensure this is the last time an email is sent to the wrong recipient? Get in touch to get started.
First published -
Last updated - 26/06/24
Free demo
ticker-tape-arrow-icon
Free demo
ticker-tape-arrow-icon
Free demo
ticker-tape-arrow-icon

Ready for a deeper dive? So are we.

Request a free demo
ZIVVER_FOOTER_20%