Morning all
I help run a moderately sized board. We've just had an email sent through from someone asking if we have a paid bounty programme for ethical hackers. I've had similar emails in the past but they've usually been riddled with spelling or grammar mistake and come from obviously spammy sources. This one seems a bit more legitimate, however, and I'm wondering if anyone else had received the same? It seems odd that they would target our site specifically - we're very much a non-profit, we have zero money - when there's many other phpBB installs out there that have more obvious financial backing. Also, I'm questioning the "ethicalness" of this as surely they'd know the best place to contact with a vulnerability would be here in the first instance, unless they are only financially motivated of course.
I'd very much appreciate any advice or thoughts on the subject please.
(And it goes without saying that our site is regularly backed up offsite)
I help run a moderately sized board. We've just had an email sent through from someone asking if we have a paid bounty programme for ethical hackers. I've had similar emails in the past but they've usually been riddled with spelling or grammar mistake and come from obviously spammy sources. This one seems a bit more legitimate, however, and I'm wondering if anyone else had received the same? It seems odd that they would target our site specifically - we're very much a non-profit, we have zero money - when there's many other phpBB installs out there that have more obvious financial backing. Also, I'm questioning the "ethicalness" of this as surely they'd know the best place to contact with a vulnerability would be here in the first instance, unless they are only financially motivated of course.
I'd very much appreciate any advice or thoughts on the subject please.
(And it goes without saying that our site is regularly backed up offsite)
Statistics: Posted by Baz4096 — Sat Apr 05, 2025 6:37 am