My member had his email address hacked. Is there a way I can change the address on his account without the Red Flag alert email also being sent to that old address, thereby alerting the hacker?

Search

Tools

Yes. Because the Red Flag warning message is never sent to an email marked as "wrong," here's a procedure that will prevent the alert from being sent to both the old and new email address:

Mark the member's existing (hacked) email address as wrong. Be sure to save and exit all the way out of the maintenance tool so that the change is recorded on the account.
Return to the account maintenance and change the email address to the member's new address (this will automatically remove the wrong email address flag at the same time, but you can uncheck it yourself, too, if you like). Save and exit as usual.
A red flag alert email will be sent to the new address, but not to the address previously marked as wrong.

BE CAREFUL: Records will still be written to your File Maintenance log (CUFMAINT) showing the "wrong" flag (PCWREMAIL1) being turned on, then another record showing the old email address (EMAIL1) being changed to the new one. Internal auditors should always pay close attention to any memberships where email addresses are changed.