Forum Discussion
Two Linked Outlook Issues Causing Accidental Emails to Wrong Clients Feature Request + Bug Report
Hi Outlook Community,
I'm posting this after a real incident at work where I accidentally sent a confidential email to the wrong client. After reflecting on what went wrong, I've identified two separate but related Outlook issues that compounded the mistake and I want to raise both here so they reach the right people.
Bug: Autocomplete Recipient Changes After You Press Enter
This one is subtle but dangerous. When you start typing a name in the To/CC/BCC field, Outlook shows an initial autocomplete suggestion. If you press Enter before the search fully resolves, the dropdown refreshes mid-selection and the contact that actually gets added is *different* from the one that was highlighted when you hit Enter.
You don't get any warning. You believe you've selected the right person. You haven't.
I've submitted this via the Feedback Portal here:
https://feedbackportal.microsoft.com/feedback/idea/9a32197e-5424-f111-9730-0022485314bc
Suggested fix: Freeze the highlighted contact reference at the moment Enter/Tab is pressed, independent of any ongoing background search refresh.
---
Feature Request: Cross-Domain Recipient Warning (like the missing-attachment check)
Outlook already warns you before sending if it detects you may have forgotten an attachment. I'd love to see a similar pre-send check for this scenario:
You are about to send an email to recipients across 3 different organisations. Did you mean to do this?
In consulting, legal, finance, and any client-facing role, it's very easy to accidentally include someone from Client B on an email meant only for Client A especially when contacts share similar names. A configurable domain-count threshold (default: 2 external domains) with a soft confirmation prompt would catch this class of mistake before it becomes a compliance incident.
Key asks:
- Configurable threshold (user-level)
- Domain whitelist support (e.g., always allow your own org + a known partner)
- Covers To, CC, and BCC combined
- Non-blocking same UX pattern as the attachment warning
I've submitted this as a feature request here:
https://feedbackportal.microsoft.com/feedback/idea/9a32197e-5424-f111-9730-0022485314bc
---
Has anyone else run into either of these? Would love to know if the autocomplete bug is reproducible for others that would help push it up the priority queue.
Thanks for reading.
Sudharm P
2 Replies
Yes Sudharm, many organizations experience the same thing, but most cases are driven by embarrassing mistakes and never get widely discussed. In general, this kind of incident is called “a misdirected email,” and industry reports suggest that a large majority of companies still lack robust outbound email safeguards.
Until something like this is built into Outlook, one option some organizations take is to use an Outlook add-in that performs an extra, policy-based confirmation step before messages leave the outbox (for example, when new external domains are detected or when certain keywords or attachments are present). These tools do not change the core autocomplete behavior, but they can add a final “are you sure these recipients are correct?” dialog that significantly reduces wrong-recipient and cross-client sends.
Hopefully the product team can address both the autocomplete bug and this kind of recipient-check feature natively so people don’t have to rely on add-ons for such a critical safeguard.
Hi Sudharm,
What you are describing happens much more frequently than is ever reported. This is because so many companies are embarrassed to admit that they made a mistake, even if that mistake was quite serious.
I produce an Outlook add-in called Safeguard Send (available at https://marketplace.microsoft.com/en-us/product/sperrysoftwareinc1650990119106.safeguard-send-standard-plan?exp=ubp8&tab=Overview) that warns you when you are going to send an email outside your company, or if you're going to send to multiple different domains, and more.
When customers call, I always ask what's driving the decision to implement our tool and the answer is almost always the same, some variant of "a boss made a mistake and now wants a solution to prevent him from making that mistake again".
I don't have an answer for you regarding the recipient actually changing after you thought you clicked the right one, but I can say that the add-in can warn you when you are sending to recipients in multiple domains (among other features). It supports all your "Key asks" listed above.
