RussellHltn wrote:Short of doing your own membership audit, how so?
1. The e-mail address of the impostor included the first name of the impostor and it was obvious that the name did not belong to the ward member. By itself, that should have prompted me to start a casual conversation about the ward website with the member.
2. I have been thinking that I need to do an "e-mail acknowledgment" survey. Any person who does not acknowledge receipt of the e-mail may no longer control their e-mail address. A valid, but inactive, e-mail address may pose a security risk. For example, the e-mail box of a departed employee may be monitored by the IT department.
3. This particular website account was set up for the e-mail address to be private and for no e-mail broadcasts to be received. While that does not suggest a security problem, it is very unusual. I think I have only one or two other accounts like that in my ward. I can confirm this supposition quite quickly, and I should do that.
4. I have confirmed a large number of e-mail addresses through enrollment, so I know they are valid. This particular e-mail address already existed when I started maintaining the website. It was sort of "inherited." I'm finding more problems with e-mail addresses when members move in, than for members that have been in the ward for a while or for members where I have had interaction (As I learn about other problems, I clean them up... so in some degree or another, I have validated most of the e-mail addresses for members in my ward).
Each of the above are important factors that can help maintain the website and its security.