If You Find a Way to Hack into Anyones Email, What Should You Do?

Yes so what if you find a way to hack someone's Email? Like anyone's email. You will get access to their FB, twitter, rest and even PayPal.
How much do you think a company will pay if you report this hack?

Poll Options expired

  • 10
    Contact the Email company and ask for some reward (reward? possible?).
  • 23
    Who cares? just live your life and ignore.
  • 0
    Sell it to anyone? (which is not a right thing to do)

Comments

  • Julian Assange ?

  • +4

    The question you need to ask is how many years will you get?.

  • Sign them up to pr0n

  • http://www.ibtimes.com/paypal-accounts-hacked-click-engineer…

    19k USD and no chance of prosecution (aside from being super unethical) is pretty good.

    • I wish 19k even though my expectations are no more than 10k.

      • haha, the article said 10k USD, but I accidentally hit the 9 instead of the 0.

  • +6

    What happened to "inform the company without expecting any rewards" (apart from the reward if feeling good)? Everyone's expecting money for doing the right thing these days. I hope that one day, if I ever have a serious injury, I won't be approached and forced to negotiate a deal in order to be helped.

      • Well I am in need of money (we all are) but some cases are serious.

    • +1

      I hope that one day, if I ever have a serious injury, I won't be approached and forced to negotiate a deal in order to be helped.

      Then, if you haven't already, you should oppose any and all calls to privatise essential public services, like the fire department, else you get the American situation of "We'd like to prevent your house from currently burning down but it seems like you haven't purchased insurance with us…"

  • Which email provider does your exploit work on?

  • Contact the company and ask them for a job.

    • I was planning to, but I am afraid that what if I report the hack and they fix it and ask me to bug off. Should I create a video on HOW TO and save it into my computer? and also record the phone calls?

      Or just call them and stop being a princess?

  • -1

    have you made a genuine hack? or have you just guessed their password?

  • Id probably just call them up and speak to the IT manager

  • Speak to a lawyer skilled in IP. They should look at the T&C's of the provider and see if they have a get out clause in the 'unlikely event of a security flaw being discovered'.
    Some providers encourage disclosure and will reward you, but you need to approach it carefully to protect your interests.

    • I have tried contacting the customer support, and employees don't even understand that it's significant concern. No proper response or action has been taken despite I've mentioned clearly it as a hack/ security issue. They don't understand and keep asking me that is what's your account ID that's been hacked? haha. Well, I can't be bothered any longer because there is no right person that I can talk to, and none of their customer support employees are taking this seriously (they literally don't know what they should be doing). I will shoot an email/post mail to their head office and that's the most I can do. This is so shameful of such a big company.

      • If they have any kind of social media account: Facebook, Twitter etc. post it there. I guarantee a response!

        • +1

          I figured it out by myself (research) and now I know where I should be submitting.

  • +1

    Do what this guy did …go to the very top.

    He found an exploit in Facebook so he reported it to their bug bounty program hoping to collect a $500 reward. When Facebook rejected the problem claiming it wasn't a bug, he demonstrated the exploit by posting on Zuckerberg's Facebook page.

    Facebook refused to pay the $500 reward, but the guy got $12,000 from online donors.
    http://www.dailymail.co.uk/news/article-2399369/Facebook-hac…

  • Any update on the situation, OP?

    • +2

      Yes, I've reported it and got nothing in return except "Thank you". That's it.
      Honestly, it's not worth it to fuss around and to waste your time reporting it. It is a lengthy process and especially if you are like me, who don't know where & whom to report this then it's a definite bummer.

      NOTE to someone who is trying to find out what to do in similar situation then-
      If you get to this situation in future and are looking to publish a hack, you will need to Google- "the company name Bug Bounty Programme" (e.g.,- Yahoo's Bug Bounty Programme) and that is where you can report it and possibly get paid*. Don't go around calling the IT Technicians like me they won't care. All the best.

    • +1

      Oh well. You did your best. I'm sure when somebody else who isn't as ethical as your uses the exploit for their own nefarious purposes it will be their own fault. Thanks for reporting back.

  • A timely article…

    Bug bounties: Which companies offer researchers cash?
    http://www.zdnet.com/article/bug-bounties-which-companies-of…

    List of Bug Bounty Programs
    http://www.vulnerability-lab.com/list-of-bug-bounty-programs…

Login or Join to leave a comment