For many organizations, data loss isn’t always driven by attackers; everyday mistakes are increasingly responsible. Misdirected Email Prevention (MEP) applies Abnormal's behavioral AI at the moment work happens, stopping accidental outbound data loss before it occurs while giving security teams the visibility and control they need to keep their people productive and protected.

Fueled by accelerating customer adoption, we are evolving MEP to achieve new levels of precision. Our latest updates sharpen detection accuracy, cut unnecessary alert noise, and give teams clearer insight into what's happening across their environments so they can act with confidence.

MEP learns communication patterns across your organization and analyzes email context to identify when a message is likely being sent to the wrong recipient. If risk is detected, the email is automatically routed to Microsoft’s native quarantine before it leaves your tenant. The sender receives a simple, informative notification with the option to Send Anyway or Cancel Sending, and your security team gains a complete audit trail in the Outbound Log. All of this is enabled through minimal configuration in Microsoft 365.

To strengthen accuracy and reduce operational friction, the latest MEP enhancements focus on improving detection quality, minimizing unnecessary interruptions, and ensuring legitimate work can move forward without delay.

More accurate filtering for claims-related emails.

Claims teams often face unnecessary delays when legitimate claim communications are mistakenly held or flagged.

MEP now better understands claims-specific language, document types, and workflows, allowing legitimate claims communications to continue without interruption while filtering out irrelevant noise.

Fewer unnecessary holds mean faster cycle times for claims handlers, less end-user friction, and lower SOC overhead from avoidable triage.

Enhanced intent understanding that eliminates obvious false positives.

Security teams and users lose valuable time reviewing benign messages that are incorrectly flagged as risky.

Advanced AI modeling of sender/recipient relationships, message purpose, and historical patterns helps MEP better distinguish clearly valid business messages from risky misdirection scenarios.

Reduced alert fatigue builds trust in detections, allowing teams to act quickly on the events that truly need attention.

Improved recognition of client references throughout the message.

Important client context is often buried in the body of an email, making it difficult to detect client mentions accurately.

With deeper contextual understanding, MEP can more reliably identify nuanced client mentions anywhere in the email body or subject.

Better coverage improves detection quality and consistency, reducing the chance that context buried in the body causes a miss or a misroute.

Mail flow status within Misdirected Email Settings.

Administrators often lack an easy way to confirm whether outbound protection is fully functional.

A clear status indicator now shows when MEP is properly configured and active, including confirmation that emails are flowing through the service.

Instant configuration assurance removes guesswork and accelerates troubleshooting, so admins can validate protection at a glance.

Mail flow status banner in the Outbound Log.

During investigations, admins need clear visibility into whether the system is functioning as expected.

A new banner displays current mail flow state directly in the Outbound Log, surfacing coverage context alongside detections and remediation history.

Operational clarity at the point where admins review events streamlines investigations and prevents blind spots during audits.

Ability to apply detections to specific users or groups.

Organizations need flexibility to roll out new security capabilities gradually or focus protection on high-risk groups first.

Admins can now roll out MEP to a subset of users, distribution lists, or departments, starting with high‑risk groups, before expanding broadly.

Controlled, phased deployment supports change management, enables quick wins where risk is highest, and lets teams validate value and tune change-management processes before company‑wide rollout.

Together, these enhancements deliver greater precision, strengthen trust in every detection, and provide administrators with more robust controls. MEP now applies Abnormal behavioral AI across the full email lifecycle, unifying inbound and outbound protection to reduce risk without slowing work. With smarter signals, improved visibility, and expanded deployment options, it is easier than ever to prevent accidental data loss at scale.

To learn more about Misdirected Email Prevention, read the launch blog and see it live in a personalized demo.