Hopefully, by including the cryptographic process, it is clearer what I am doing:
If we say:
Original public key: PB
User B's private key: kB
Tweak (SHA-256 of message): t = SHA-256(M)
Tweaked public key: PB' = PB + T
Tweaked private key: kB' = kB + t
1: User B's Original Key Pair (which is created in the normal way on their own machine)
User B's public key, PB, comes from multiplying their private key, kB, with the elliptic curve's generator point, G: PB = kB * G.
2: User A Generates a new Address for User B
User A takes User B's public key (which is known to them), PB, and selects a message, M, for the tweak (like "Payment for something" or a nonce of some kind).
User A generates a tweak value, t, by hashing the message M using SHA-256, for example: t = SHA-256(M).
This tweak, t, is converted into a point on the curve by multiplying it with the generator point, G, to get T: T = t * G.
User A adds this point, T, to User B's original public key, PB, to get a new tweaked public key, PB': PB' = PB + T.
The tweaked public key, PB', now serves as User B's new address for receiving funds. User A only ever came in contact with User B's public key.
3: User B Accesses the Funds
To spend the funds, User B needs the corresponding private key for PB', called kB'. (This is the one they generated or already had in step 1.)
Since PB' is the result of adding PB and T (PB' = PB + T = kB * G + t * G = (kB + t) * G), User B can find kB' by adding the original private key, kB, to the tweak value, t: kB' = kB + t.
User B uses this tweaked private key, kB', to sign transactions from the new address.
At no point was there a shared private key, and therefore there would be no urgency for User B to move the funds from the generated address, because only User B has both the original private key and the message (the tweak) required to generate the private key for the tweaked public key in the first place.