The colloquy of Steven Coffey

Someone forwarded a spammer's email to Spamnesty, which replied to the email, pretending to be a person called Steven Coffey and starting a conversation.

This is that conversation.


Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 6, 2017, 12:35 p.m.

Good morning Julia.

I would like to know if the information I sent you was useful. Did the board came to a decision? Please let me know, I'll be more than glad to assist you at anytime.

Thank you.

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 6, 2017, 7:11 p.m.

Hello,
Thank you for your email! However, I don't know if this will fit in our budget. Is there anything better you could do?

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 6, 2017, 7:28 p.m.

Hello Steven.
How many computers do you want to check? These assessments start as low as $500. It really depends on the amount of computers to be assessed. Please advice. Thank you.
Yours Truly,
Brucelle Arizmendi, MSITChief Consultant, CEO & CTOSploitnetworksC|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SSEmail: [email protected]: 787-559-4534Website: www.sploitnetworks.comFacebook: www.facebook.com/SploitnetworksTwitter: www.twitter.com/Sploitnetworks

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 6, 2017, 10:14 p.m.

Hi,
Sounds great, how can we proceed? We're interested in getting started pretty much immediately, as we could use this.

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 6, 2017, 10:21 p.m.

Hello Steven.
Do you have an idea of the amount of systems (servers) you have connected to the Internet? Please advice. Thank you.

Yours Truly,
Brucelle Arizmendi, MSITChief Consultant, CEO & CTOSploitnetworksC|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SSEmail: [email protected]: 787-559-4534Website: www.sploitnetworks.comFacebook: www.facebook.com/SploitnetworksTwitter: www.twitter.com/Sploitnetworks

Spammer

  • Subject: Service Form
  • On: Feb. 7, 2017, 4:24 a.m.

Good evening Steven.
Attached is a document to be signed in order to begin this process. Don't hesitate to contact me if you have any questions or concerns. Yours Truly, Brucelle Arizmendi,
Chief Consultant, Sploitnetworks Cyber Security Professional C|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SS, Server+, A+ Email: [email protected] (mailto:[email protected]) Phone: 787-559-4534 Web: www.sploitnetworks.com (http://www.sploitnetworks.com/) Facebook: www.facebook.com/Sploitnetworks (http://www.facebook.com/Sploitnetworks) Twitter: https://twitter.com/SploitNetworks (https://twitter.com/SploitNetworks)

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 7, 2017, 6:48 a.m.

Hello,
Thank you for your email! However, I don't know if this will fit in our budget. Is there anything better you could do?

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 7, 2017, 4:03 p.m.

Hi Steven.
I could do this for you for $400. Will that be a better option for you budget? Please advice. Thank you.

Yours Truly,
Brucelle Arizmendi, MSITChief Consultant, CEO & CTOSploitnetworksC|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SSEmail: [email protected]: 787-559-4534Website: www.sploitnetworks.comFacebook: www.facebook.com/SploitnetworksTwitter: www.twitter.com/Sploitnetworks

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 7, 2017, 5:32 p.m.

Hello,
Can you give me some more info about what you're offering? Specifically, how does it apply to our business? How can we use this?

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 7, 2017, 6:34 p.m.

Hello Steven.
A Black Box Vulnerability Assessment, is a security audit that is performed against a corporate network, and it's hosts (web servers, mail servers, DNS servers for example), in order to detect what type of cyber threats the company may be expose to.
This assessment will consist of detecting any possible system misconfigurations that may lead to a successful attack against your corporate network. These type of assessments are used to reduce the possibilities of ransomware attacks.
Upon completion, I will provide you a report with my recommendations, to enhance your network's security. 
I've performed these tasks for several companies, which have benefit from reduced possibilities of successful attacks against them. 
Because of the rise of cyber threats, it is recommended that every company perform these assessments on their networks. How often? It will depend on the rate risk. The bigger the network, the larger the risk.
If you have further questions, don't hesitate to contact me. 

Yours Truly,
Brucelle Arizmendi, MSITChief Consultant, CEO & CTOSploitnetworksC|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SSEmail: [email protected]: 787-559-4534Website: www.sploitnetworks.comFacebook: www.facebook.com/SploitnetworksTwitter: www.twitter.com/Sploitnetworks

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 7, 2017, 8:06 p.m.

Hello,
Thank you for your email! However, I don't know if this will fit in our budget. Is there anything better you could do?

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 7, 2017, 8:44 p.m.

Hi Steven.
I'm more than glad to assist you. I do have a question, do you know how many systems (servers) the company has exposed to the Internet? Please advice. Thank you.
Yours Truly,
Brucelle Arizmendi, MSITChief Consultant, CEO & CTOSploitnetworksC|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SSEmail: [email protected]: 787-559-4534Website: www.sploitnetworks.comFacebook: www.facebook.com/SploitnetworksTwitter: www.twitter.com/Sploitnetworks

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 7, 2017, 9:11 p.m.

Steven,
Sorry for asking, but what is your budget at this time. Please advice. Thank you.
Yours Truly,
Brucelle Arizmendi, MSITChief Consultant, CEO & CTOSploitnetworksC|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SSEmail: [email protected]: 787-559-4534Website: www.sploitnetworks.comFacebook: www.facebook.com/SploitnetworksTwitter: www.twitter.com/Sploitnetworks

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 8, 2017, 3:55 a.m.

Hello,
That is reasonable, but do you think you can go into more detail about your main product? What is it about, exactly?

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 8, 2017, 2:39 p.m.

Good morning Steven.
My main product, or service is to help all customers reduce the possibilities of data theft, possible credit card theft, corporate user file information theft, and possible interruption of service, also known as Denial-of-Service (DoS).
These assessments help reduce these risks. Performing these assessments require clear understanding of the type of threats that customers are exposed to and how these services can help mitigate risks.
Please see the example below, so you can have a better understanding of these services.
Example:
You have a Mail server (for email management), FTP Server (Server used to store information online so corporate employees can access these files remotely, from different locations) and a Web Server (server used to promote your services, and/or server used by your customers to access their data on your system. These servers are exposed to the Internet so they can be access to the world, if required.
If the web server has a database storing data from your customers (names, contact information, credit card information, etc.), mail server (with confidential emails of your customers), and FTP server (with confidential files of your company and your customers) exposed (connected) to the Internet, as a company, you need to make sure that all this information is safe from harm.
There are occasions, in which due to budget constraints, you are not able to pay a full time expert to perform these tasks on your corporate network (your company's servers) on perform this on a weekly, bi-weekly or monthly basis. Usually hiring a certified and knowledgeable professional may cost between $90-$120k a year, but you still need to these services. What are your options? To hire someone to perform these tasks for you, whenever your budget allows it.
Many companies prefer to pay an independent consultant or a consulting firm because it is much cheaper than paying the salary of a Full-time Professional + benefits. The costs of these services vary depending on the amount of systems to be audited, and the type of service requested.
Depending on the consulting firm, the prices of these services usually fluctuate between $900-$1,000 per system. I only charge $600 for each system, and I am open to make special offers if services are required as a long time service (example: 1 year contract, 2 year contract). I've been working on vulnerability assessments for several years now, and I know what hackers look for when it comes to these cyber attacks. I am a fair person, and I believe that every company, no matter the size, has the right to check if their networks are secure from harm. These services are performed with the intention of helping company's deter the possibilities of data theft and economical losses because of cyber attacks.
I hope this gives you a better understanding of what I do, and how I can be of assistance to you, Julia and your company. Please let me know if there is another I can be of assistance to you. Thank you.
Yours Truly, Brucelle Arizmendi,
Chief Consultant, Sploitnetworks Cyber Security Professional C|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SS, Server+, A+ Email: [email protected] (mailto:[email protected]) Phone: 787-559-4534 Web: www.sploitnetworks.com (http://www.sploitnetworks.com/) Facebook: www.facebook.com/Sploitnetworks (http://www.facebook.com/Sploitnetworks) Twitter: https://twitter.com/SploitNetworks (https://twitter.com/SploitNetworks)

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 9, 2017, 2:34 a.m.

Hi,
Sounds great, how can we proceed? We're interested in getting started pretty much immediately, as we could use this.

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 9, 2017, 11:49 a.m.

Good morning Steven.
Please sign the document I sent you and follow the instructions provided on the document. Once the initial payment is done, we can proceed. 
Yours Truly,
Brucelle Arizmendi, MSITChief Consultant, CEO & CTOSploitnetworksC|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SSEmail: [email protected]: 787-559-4534Website: www.sploitnetworks.comFacebook: www.facebook.com/SploitnetworksTwitter: www.twitter.com/Sploitnetworks

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 9, 2017, 10:19 p.m.

Hello,
can you give me an example of this? I would like to know roughly what it looks like.

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 9, 2017, 10:30 p.m.

Good afternoon Steven.
Attached is an example of a Vulnerability Assessment report.
Yours Truly, Brucelle Arizmendi,
Chief Consultant, Sploitnetworks Cyber Security Professional C|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SS, Server+, A+ Email: [email protected] (mailto:[email protected]) Phone: 787-559-4534 Web: www.sploitnetworks.com (http://www.sploitnetworks.com/)
Facebook: www.facebook.com/Sploitnetworks (http://www.facebook.com/Sploitnetworks)
Twitter: https://twitter.com/SploitNetworks (https://twitter.com/SploitNetworks)

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 10, 2017, 5:48 a.m.

Hello,
I am a bit busy now, but I am definitely interested. When can we talk?

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 11, 2017, 3:44 p.m.

Good morning Steven.
I'm very glad you are interested in these services. At what number can I reach you?
Let me know when we can proceed with the services. Thank you
Yours Truly,
Brucelle Arizmendi, MSITChief Consultant, CEO & CTOSploitnetworksC|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SSEmail: [email protected]: 787-559-4534Website: www.sploitnetworks.comFacebook: www.facebook.com/SploitnetworksTwitter: www.twitter.com/Sploitnetworks

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessment
  • On: Feb. 12, 2017, 2:47 a.m.

Hello,
That is very interesting! Could you elaborate? Do you have any details online I could look at?

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Black Box Vulnerability Assessments
  • On: Feb. 16, 2017, 5:55 p.m.

Good afternoon.
I am following up on several requests made for the Black Box Vulnerability Assessment services on your behalf. At this time, I have not received any confirmation from you indicating that you are interested in these services. I know you are interested in learning more about these services, the information can be found on . www.facebook.com/Sploitnetworks (http://www.facebook.com/Sploitnetworks)
If you are still interested in these services, don't hesitate on contacting me. I can guarantee you that you will not find these services for a lower price than what I offer them. These services usually cost over $1,000 up to $10,000 for each system that is audited. My price is far below that, just $600 per system at the time.
If you need to have this audit done ASAP, it can be arranged. I hope to hear from you soon.
Yours Truly, Brucelle Arizmendi,
Chief Consultant, Sploitnetworks Cyber Security Professional C|EH, C)PEH, C)PTE, C)DFE, C)NFE, C)WSE, C)VA, C)SS, Server+, A+ Email: [email protected] (mailto:[email protected]) Phone: 787-559-4534 Web: www.sploitnetworks.com (http://www.sploitnetworks.com/)
Facebook: www.facebook.com/Sploitnetworks (http://www.facebook.com/Sploitnetworks)
Twitter: https://twitter.com/SploitNetworks (https://twitter.com/SploitNetworks)

Spamnesty

  • Subject: Re: Black Box Vulnerability Assessments
  • On: Feb. 16, 2017, 8:14 p.m.

Hello,
Can you give me some more info about what you're offering? Specifically, how does it apply to our business? How can we use this?

Steven Coffey
CEO, MNesty, LLC

Spammer

  • Subject: Dear Sandy Coffey.
  • On: March 23, 2017, 6:55 a.m.

--------------------------------------------

Spamnesty

  • Subject: Re: Dear Sandy Coffey.
  • On: March 23, 2017, 6:51 p.m.

Hi,
Great, thanks. Could we have a short call to discuss the specifics? What are your contact details? Also, what is your pricing model like?

Steven Coffey
CEO, MNesty, LLC