Proficio, Spam, and the Backstory

Wed Feb 6 11:49:06 CST 2013

jericho


Proficio.com was quietly added to Errata: Spam already, but without the backstory. With a new round of spam, it is time to explain just how crappy their marketing practices are.

The first spam was sent to me at an email alias that was setup specifically to register for a product download on a vendor's web site, and not that of Proficio. The only way they could have gotten that email address in my mind, is if the original company shared it. So I asked a friend there, and he did some digging. Ultimately, he confirmed that his company did NOT share that information with Proficio. That means they likely got the list of email addresses from an employee at the original company, possibly one that was leaving for good. If not that, then they purchased it from someone who used illegal, or at least questionable, methods to obtain it. Since I didn't want to drag the original company into the fray, as they did nothing wrong, Proficio was posted without the backstory.

After receiving the first spam, I emailed Jennifer Michaels at Proficio and asked where she got the email address. She didn't reply. Four days later, I replied again and said they would be added to this page for not replying, and they continued to remain silent. Almost a month later, they were added and told about it, so I moved on thinking all was good.

Feb 5, 2013, I get another marketing mail from Proficio, this time to my jericho@ address. That means they are using standard email scraping or purchased a list from somewhere, as I know I never opted into their mails, let alone from that address. Instead of just replying to Jennifer, I replied to everyone under the son which seems to have worked, as Alex Foster, Marketing Program Manager replied apologizing and offering to remove me from the lists. After posting this, I certainly hope this is done, and that Proficio shapes up. Unethical marketing practices like this don't belong in a supposed industry of integrity.

From: Jennifer Michaels (jmichaels@proficio.com)
To: jericho-attrition.org
Date: Tue, 05 Feb 2013 18:20:44 -0500
Subject: Webinar Series:  2013 Top Security Issues

Hi Brian,

Please join us for the second in our series of webinars on The Top 2013
Security Issues.  If you missed last week's webinar on the results of
our survey of 200 IT security professionals, you can still download the
slides and find out what issues will be keeping people up at night in
2013. 

DOWNLOAD HERE: http://www2.proficio.c[..]

This Week's 20-Minute Webinar -  Insider Threats

Insider Threats were rated to be the most concerning security threat in
2013. Examples of insider threats include disgruntled employees seeking
to harm their employer, or consultants who unintentionally breach an
organization?s confidentiality. Insider activity can be much more
difficult to pinpoint than conventional external activity as insiders
have more privileges than an external attacker. 

Next week we will cover Next-Generation Malware and Patching Security
Vulnerabilities.  

Each 20-minute session will discuss the nature of these threats, best
practices for organizations to identify and respond to them, and include
a live demo of how Proficio's ProSOCTM portal highlights these alerts and
drills down into the related event logs.

REGISTER ONCE
HERE: http://www2.proficio.c[..]
 
Webinar Details:

Insider Threats:
 Thursday, February 7th, 2013
 10:30-10:50am PST

Next-Generation Malware and Patching Security Vulnerabilities:
 Thursday, February 14th, 2013
 10:30-10:50am PST

Presented by: Brad Taylor, CEO, Proficio Inc.

http://www2.proficio.c[..]
http://www2.proficio.c[..]
http://www2.proficio.c[..]
http://www2.proficio.c[..]

Proficio
16390 Bake Parkway, Suite 100
Irvine, CA 92618

After reviewing the previous mails, which I didn't do before replying, I realized that I had not complained from jericho@ originally, so that part of my mail is incorrect.

From: security curmudgeon (jericho-attrition.org)
To: Jennifer Michaels (jmichaels@proficio.com)
Cc: info@proficio.com, sdsales@proficio.com, sfsales@proficio.com, azsales@proficio.com, 
    btaylor@proficio.com, tmcelwee@proficio.com, jhumphreys@proficio.com, 
    mbarth@proficio.com, moleary@proficio.com
Date: Tue, 5 Feb 2013 17:41:37 -0600 (CST)
Subject: Unethical Spammers (was Re: Webinar Series:  2013 Top Security Issues)

On Tue, 5 Feb 2013, Jennifer Michaels wrote:

: Hi Brian,
:
: Please join us for the second in our series of webinars on The Top 2013
: Security Issues.  If you missed last week's webinar on the results of
: our survey of 200 IT security professionals, you can still download the
: slides and find out what issues will be keeping people up at night in
: 2013. 

Are you serious?! After the last round of complaints abour your unethical
spamming (Nov, 2012), you add the address I complained from (different
than the one you originally spammed me on) to your list, and spam me more?
I opted not to add you last time, because I respect the company you got my
email address from. This time, you are on your own.

Welcome to Errata. You can look forward to being added to
http://attrition.org/errata / http://securityerrata.org/ later this
evening.

- jericho

From: Alex Foster (afoster@proficio.com)
X-Originating-IP: [76.102.150.177]
To: "jericho-attrition.org" (jericho-attrition.org)
Date: Wed, 6 Feb 2013 01:22:35 +0000
Subject: FW: Unethical Spammers (was Re: Webinar Series:  2013 Top Security Issues)

Good Evening Brian,

My name is Alex Foster and I am the Marketing Program Manager at Proficio. I 
wanted to personally reach out and apologize for any inconvenience this email 
may have caused.  I assure you we are a legitimate company and this event is
strictly educational.  I will personally ensure that you don't receive any 
additional email from us if you would provide the email addresses and aliases 
you want removed.

Again, please accept my apologies.

Regards,
Alex Foster

--
Alex Foster | Marketing Program Manager | Proficio Inc.
afoster@proficio.com | (650) 521-4557 | skype: alxfoster

From: security curmudgeon (jericho-attrition.org)
To: Alex Foster (afoster@proficio.com)
Date: Tue, 5 Feb 2013 19:31:44 -0600 (CST)
Subject: Re: FW: Unethical Spammers (was Re: Webinar Series:  2013 Top Security Issues)

On Wed, 6 Feb 2013, Alex Foster wrote:

: My name is Alex Foster and I am the Marketing Program Manager at
: Proficio. I wanted to personally reach out and apologize for any
: inconvenience this email may have caused.  I assure you we are a
: legitimate company and this event is strictly educational.  I will
: personally ensure that you don't receive any additional email from us if
: you would provide the email addresses and aliases you want removed.

It doesn't matter if the event is educational, it is promoting and
advertising your company. There is value in marketing, as evident by your
job title and salary.

As I mentioned, this is not the first time I have received your unwanted
email. The first time, it came into an address that I used exclusively on
the rapid7.com website when downloading a copy of their software. I asked
Jennifer Michaels back then where she got the email address, and she
ignored me. Rapid7 would not clarify if it was shared with Proficio, or if
you had obtained it through another manner (e.g. purchasing it from
someone who had obtained it illegally). When I complained to her, I did so
from this address, and she added it to your marketing list instead of
answering my question and ensuring that I was removed. That is extremely
unprofessional behavior on the part of Michaels and Proficio.

I will take you up on your offer though; please remove ANY address from
attrition.org from ALL of your marketing lists.

Thank you,

- jericho


main page ATTRITION feedback