How do you deal with White Hat Hacker Emails?

[justsimplehosting]

I got an email the other day saying
"
Hello,
I'm {name}, White Hat Hacker
I've identified a vulnerability in your web application.
Waiting for your Positive response.
Best regards,
{name}
"
How do you responded to emails/tickets like this?
and if they have found a vulnerability how do you go about responding to this email?

 

[natan]

Recently all web hosting providers started receiving such emails. They mention pretty common issues with your web application like click-jacking, DMARC record etc., and ask for a bug bounty. Just mark it SPAM, and move on.

 

[justsimplehosting]

Recently all web hosting providers started receiving such emails. They mention pretty common issues with your web application like click-jacking, DMARC record etc., and ask for a bug bounty. Just mark it SPAM, and move on.

I did some research and that was what everyone else was saying.
Thanks natan

 

[easyhostmedia]

Just report these as spam to spamcop with full headers and block their IPs from your server.

I am getting a lot of spam lately from so-called web developers that use my website contact forms rather than emails, so they don't leave email headers (thinking they cannot be reported)

 

[justsimplehosting]

Just report these as spam to spamcop with full headers and block their IPs from your server.

I am getting a lot of spam lately from so-called web developers that use my website contact forms rather than emails, so they don't leave email headers (thinking they cannot be reported)

I have been blocking spammers IP's but i haven't been reporting them, so thank you for the advise easyhostmedia.

 

[server]

"
Hello,
I'm {name}, White Hat Hacker
I've identified a vulnerability in your web application.
Waiting for your Positive response.
Best regards,
{name}
"

BTW, did you fix those "issues"?

 

[etechsupport]

I did label as spam these kinds of messages