possible phishing attempt

[keredson]

I got the following email yesterday:

Subject: SSH Research - Earn $50

Hi there,

Apologies for emailing out of the blue, my name is Lexi and I’m a cyber-security research student based in London currently doing a project looking at potential vulnerabilities in deprecated Github SSH keys. 

I am looking to pay $50 for Github SSH or PGP keys that are deprecated and at least a year old. You'd need to deprecate the key before you send it so that it's not associated with any live repositories (takes about 2 mins and is important for your security as well as for my work).
 
I'll pay upfront by PayPal. Lmk if this is something you’d be happy to help out with, and I can send more info if you'd like!

Best, 

Lexi

After discussions as to what would lead to such a weird phishing email, I was linked to your project with the suggestion that it's an attempt to steal these coins you're distributing.

Just an FYI,
Derek

[pinheadmz]

We appreciate the report. I feel like anyone who generates a private key for any crypto system for any purpose must understand the responsibility in keeping it safe. I don't think keeping this issue open will help any future users and since it is not related directly to the code, I will close for now.