Web application change email algorithm

I am developing an ASP.NET Core web application with user management functionalities. My question is about the email address changing algorithm. Almost every web app I saw before have the following flow:

  1. User authorized
  2. User requested an email address change
  3. User received a message on the new mailbox with the confirmation link
  4. User clicks the link and the email address updates

But I think, this algorithm might be a bit insecure and that is what I want to discuss here.

How about this flow:

  1. User authorized
  2. User requested email change
  3. User received a message on the old mailbox with the confirmation link
  4. User received a message on the new mailbox with the second confirmation link
  5. User clicks the link and the email address updates

With this additional step in the middle of the algorithm, things may be much better from the security perspective, but would it be too complex or not?
How do you think what algorithm I should implement? And what would you prefer if you will be in my shoes?