How do you deal with White Hat Hacker Emails?

justsimplehosting

New member
I got an email the other day saying
"
Hello,
I'm {name}, White Hat Hacker
I've identified a vulnerability in your web application.
Waiting for your Positive response.
Best regards,
{name}
"
How do you responded to emails/tickets like this?
and if they have found a vulnerability how do you go about responding to this email?
 

natan

Member
Recently all web hosting providers started receiving such emails. They mention pretty common issues with your web application like click-jacking, DMARC record etc., and ask for a bug bounty. Just mark it SPAM, and move on.
 

justsimplehosting

New member
Recently all web hosting providers started receiving such emails. They mention pretty common issues with your web application like click-jacking, DMARC record etc., and ask for a bug bounty. Just mark it SPAM, and move on.
I did some research and that was what everyone else was saying.
Thanks natan
 

easyhostmedia

Well-known member
Just report these as spam to spamcop with full headers and block their IPs from your server.

I am getting a lot of spam lately from so-called web developers that use my website contact forms rather than emails, so they don't leave email headers (thinking they cannot be reported)
 

justsimplehosting

New member
Just report these as spam to spamcop with full headers and block their IPs from your server.

I am getting a lot of spam lately from so-called web developers that use my website contact forms rather than emails, so they don't leave email headers (thinking they cannot be reported)
I have been blocking spammers IP's but i haven't been reporting them, so thank you for the advise easyhostmedia.
 
Top