If you find a bug on the bounty campaign will you use it to gain more coins or email the brand?
Also, it is not said by the brand that rewards will be given for finding the bug. Will they still give reward if you email them about the bug?
What kind of bug on the bounty campaign you are referring? Cheaters?
If you are talking about the literal bug on the project itself, you can directly message the developers about it. Although at some cases they are rewarding users who will report a bug, don't expect they will do that in the first place. Or if you are really greedy in getting at least some rewards then wait for their announcement about giving reward for bugs that you will found. But sometimes, announcement like that will just be present if the APP or platform related to the project are now on the beta stage or goes live.
If I may recently a security expert found and reported a bug in EOS software and he is rewarded handsomely with $120,000. You can read it here, (
https://www.ccn.com/researcher-earns-120k-in-7-days-byexposing-bugs-in-eos-source-code/). However, cheaters should be reported as well, because they are exploiting and abusing the campaign and trying to get as much coins as they want. Just provide proof and I'm sure that the campaign manager will take care of everything.
If you guys does not see the action of campaign manager you are free to create the thread against scammer in scam acussation section. This section is been used for reporting scammer to forum people.
This will be rating of that project and investment will be safer for you from the scam projects.