SoylentNews is people

posted by LaminatorX on Wednesday March 05 2014, @06:30PM
from the It's-a-trap! dept.

dotdotdot writes:

"I am the IT guy for a small business with about 20 users. We use Microsoft Windows and Office, and I regularly audit our Microsoft volume license usage to make sure we are compliant.

I received an email from Accordo Group Ltd about a Microsoft Volume License Software Asset Management (SAM) License Review. The introduction letter stated, 'Microsoft would like to work with your company to review all Microsoft software products in use throughout your organization. This review process will be undertaken with all customers over a period of time and is intended to help you control your software assets.' The email and all the attachments were written as if they were from Microsoft, not Accordo. My first and last name, as well as the name of my company, were all misspelled.

So this is what I would like to ask SN:
Has anyone else had to deal with this? Are they just phishing for people who will agree to this?"

This discussion has been archived. No new comments can be posted.
  • (Score: 5, Insightful) by dyingtolive on Wednesday March 05 2014, @06:33PM

    by dyingtolive (952) on Wednesday March 05 2014, @06:33PM (#11445)

    My bullshit meter is off the charts. My rule is that anything not sent via registered mail is not to be taken seriously.

    --
    Don't blame me, I voted for moose wang!
    • (Score: 2, Funny) by dilbert on Wednesday March 05 2014, @06:38PM

      by dilbert (444) on Wednesday March 05 2014, @06:38PM (#11448)
      I concur with the BS analysis. Should you feel inclined to proceed anyway, I'm taking pre-orders for these guys [huvrtech.com] and I'll let you in on the ground floor. I'll just need your credit card...
    • (Score: 4, Insightful) by Sir Garlon on Wednesday March 05 2014, @06:48PM

      by Sir Garlon (1264) on Wednesday March 05 2014, @06:48PM (#11455)

      The misspellings are a huge red flag. Look at the full SMTP headers with a proverbial magnifying glass. I would expect the reply-to header goes to some variant spelling of the accordo.com domain, or some other sleight of hand.

      --
      [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
    • (Score: 4, Informative) by dilbert on Wednesday March 05 2014, @06:49PM

      by dilbert (444) on Wednesday March 05 2014, @06:49PM (#11456)

      The WayBack Machine [archive.org] shows they've had a web presence for over a decade, and LinkedIn has corresponding profiles for people listed in their about [accordo.com] page.

      That doesn't mean they aren't trying to misrepresent their relationship with Microsoft, and are probably very adept at using doublespeak to imply they represent Microsoft, when in reality it looks like they want to represent you to Microsoft for an audit.

      I still say BS.

      • (Score: 4, Insightful) by dyingtolive on Wednesday March 05 2014, @06:58PM

        by dyingtolive (952) on Wednesday March 05 2014, @06:58PM (#11464)

        And even if they are on the up and up, who really wants to go looking for an audit?

        --
        Don't blame me, I voted for moose wang!
    • (Score: 5, Informative) by dotdotdot on Wednesday March 05 2014, @07:41PM

      by dotdotdot (858) on Wednesday March 05 2014, @07:41PM (#11481)

      Sorry if this is too long, but here is the actual body of the email if anyone cares to read it:

      Microsoft would like to work with your organization on a review of your Microsoft licenses. This review process will be undertaken with all customers over a period of time and is intended to help you control your software assets.

      The steps in the review process are as follows:

      Process Steps

      1. We ask you to complete the attached Deployment Summary (spreadsheet format) and return to us via email.
      2. Once we receive your Deployment Summary we will analyze the Microsoft software in use against the licenses held and provide you with an Estimated License Ownership Position. There may be areas that require further clarification.
      3. When this is done, a finalized License Ownership Position (as of the date of the review) will be provided, detailing what you own and what we understand you are using, based on the information you have supplied. This final summary will detail over-licensing or any apparent variances that may need to be remedied.
      4. Along with the final License Ownership Position summary you will also receive a Software Asset Management Tips guide.

      In order to make the process as efficient as possible we would highlight the following:

      1. You may wish to engage your IT Partner to assist you through (or even manage) the process on your behalf.
      2. We recommend that you request from your IT Partner/s a list of Microsoft licenses you have purchased via OEM (pre-installed with hardware) or FPP (boxed retail copies). The purpose of this is to ensure that we are evaluating your total license ownership position. Please note that records of licenses purchased under a Volume License Program (such as Open, Select or Enterprise) will already be available in the Microsoft records system.
      3. Microsoft makes available a free downloadable software product to assist with the inventory: MAP (Microsoft Assessment and Planning Toolkit), which is a powerful inventory, assessment and reporting tool that can securely assess IT environments for various platform migrations and virtualization without the use of any software agents for up to 100,000 PCs. It is available at www.microsoft.com/map.
      4. If you have purchased Volume Licenses under a different company name or have acquired other organizations that may have purchased licenses, please try to have this information available. This will enable us to identify any licenses you own which have been purchased under alternative names.

      The documents attached to this email:

      - A letter of introduction from Microsoft.
      - A document that covers some of the frequently asked questions regarding the review process.
      - A Deployment Summary that we would appreciate your response to by 16-March-2014. If, for any reason, you are unable to meet this timeframe please contact us by return email.

      What you can expect to get out of the review?

      - Consolidation of all your licensing records into one concise report which can then be maintained and modified by your organization in the future.
      - Assistance with understanding licensing rules, and in particular, how they relate to your own specific situation.
      - Licensing expertize and advice available to you throughout the process, free of charge.
      - Guidance regarding ongoing Software Asset Management to eliminate waste and redundancy and mitigate risks of non-compliance.

      Please note that if your organization acquires its Microsoft software licenses from an offshore parent company then we will not continue with the review process. We would instead just need to ask you one or two clarifying questions by telephone and the review will then be closed.

      Please do ask questions if you are not sure about the information you are being asked to provide or if you have any queries whatsoever in regards to the SAM review process.

      Thank you for your assistance.

      • (Score: 3, Insightful) by Blackmoore on Wednesday March 05 2014, @10:56PM

        by Blackmoore (57) on Wednesday March 05 2014, @10:56PM (#11570) Journal

        Interesting - this is a pretty accurate email for the Microsoft auditing process. It even gives a legit address for the MAP tool www.microsoft.com/map.

        still doesn't pass the smell test - (they should have the correct spelling of your company name) so I wouldn't let them in the door.

        that said; Microsoft IS shaking down its customers - so you should do a self audit and get the company in line before someone legit does come by.

      • (Score: 1) by Reziac on Thursday March 06 2014, @03:00AM

        by Reziac (2489) on Thursday March 06 2014, @03:00AM (#11690) Homepage

        Translation (assuming it's a valid letter and not a phish):

        We're hoping to catch you using unlicensed copies of Microsoft software. We will then fine you, er, I mean offer to sell you licenses at a premium price, including our 'convenience fee'.

        --
        And there is no Alkibiades to come back and save us from ourselves.
      • (Score: 2) by davester666 on Thursday March 06 2014, @04:30AM

        by davester666 (155) on Thursday March 06 2014, @04:30AM (#11744)

        yeah, this is basically a "please send us all your license and user information, and we will audit it, and if there are any problems, we get a cut of anything you need to pay. Oh, and we'll put the information you send us into a word document and then send it back to you."

        i would just ignore it. even responding with a "no thanks" just encourages them to report you to microsoft for an audit, where they still get a cut.

  • (Score: 5, Interesting) by frojack on Wednesday March 05 2014, @06:46PM

    by frojack (1554) on Wednesday March 05 2014, @06:46PM (#11452) Journal

    Ignore them, never agree to do this.

    The review will go way beyond just Microsoft products, regardless of what they say.

    Typically Microsoft will see the same license requesting automated updates from different physical machines, and that suggests to them that you are using the same copy on more than one machine.

    Just moving a license, or changing the configuration of a virtual machine that is running windows can cause this. (As can intentional pirating of their products or running bootleg copies of stuff).

    This almost never comes out well for you. It will cost you time and money no matter how perfectly compliant and clean your shop is. You may have Original Certificates for every single license in the shop, but just emptying desk drawers and storage bins trying to find them is a huge disruption.

    They may threaten court action but the cost to them for carrying through on this is enormous, and they invariably just walk away.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 5, Insightful) by edIII on Wednesday March 05 2014, @08:31PM

      by edIII (791) on Wednesday March 05 2014, @08:31PM (#11503)

      MOD PARENT UP

      Responding to these letters is the same stupidity in freely talking to law enforcement.

      Unless it's from a local law firm informing you of Microsoft intending to enforce their licensing agreements with an audit, you ignore it. Microsoft, or their representatives (maybe-look at the agreement) are the only ones with legal standing.

      Even then, it's still a legal contract. You wait till they threaten to sue, and then you respond back with a friendly worded letter asking them to prove that Microsoft is their client, and the contacts over in Redmond that can verify such legal representation exists.

      After that stage, you tell them you want a legal document constructed in which you agree to the terms of the audit to protect you from unreasonable searches in desks, and the even more unreasonable searches in which they want their technician to have free access to systems with business data. They may come back and try to bully you and say you have no right, but it will cost them a crap load of money and time (the same) to go through the process.

      Once Microsoft hears about it (from you), and they can see that you have spent thousands with them already, they will drop it like it's poison.

      Asking Microsoft, or their representatives to indemnify you and hold you harmless from data breaches as a result of the audit is not unreasonable, especially given that states are progressively enacting heavy fines for such data loss that impacts citizens.

      If you just answer anybody and let them in the door because you're afraid, you deserve what may happen.

      --
      Technically, lunchtime is at any moment. It's just a wave function.
    • (Score: 2, Interesting) by Reziac on Thursday March 06 2014, @03:02AM

      by Reziac (2489) on Thursday March 06 2014, @03:02AM (#11692) Homepage

      My understanding (which comes from attending Microsoft events in years past, and hearing their guy speak on the subject) is that the original certificates will NOT prove your software is 'legal' and properly licensed. For that, you must have the original purchase receipts.

      --
      And there is no Alkibiades to come back and save us from ourselves.
      • (Score: 2) by frojack on Thursday March 06 2014, @05:46AM

        by frojack (1554) on Thursday March 06 2014, @05:46AM (#11776) Journal

        I've heard as much myself, which is all the more reason not to play their game.
        Make them pull that stunt in front of a judge.

        --
        No, you are mistaken. I've always had this sig.
  • (Score: 3, Interesting) by goodie on Wednesday March 05 2014, @07:00PM

    by goodie (1877) on Wednesday March 05 2014, @07:00PM (#11466) Journal

    I've been getting random calls from a supposedly "Microsoft support company about my computer" over the past few months. I can't help but associate these kinds of scams with this. If it's not sent by registered mail with proper spelling, I'd say that this thing is bogus and more about fishing than anything else. If I'm to let someone poke around my office, I'd make sure they are legit and show proper credentials first. In any case, it does not sound like it's mandatory to begin with.

    • (Score: 4, Informative) by dotdotdot on Wednesday March 05 2014, @07:28PM

      by dotdotdot (858) on Wednesday March 05 2014, @07:28PM (#11477)

      This is from the FAQ that was attached to the email:

      What happens if I don't complete the information?

      We hope that most of our customers will work proactively with us to ensure a compliant licensing position. However, given the great emphasis Microsoft places on protecting its intellectual property, for those organizations that don't wish to engage in this process, a more formal communication may be made with respect to our licensing rights and your organization's obligations under your Microsoft license agreements.

      "A more formal communication" sounds scary! ;)

      • (Score: 4, Insightful) by bucc5062 on Wednesday March 05 2014, @08:01PM

        by bucc5062 (699) on Wednesday March 05 2014, @08:01PM (#11493)

        On the other hand, a more "formal" communication may have more validity in the form of a registered letter. I would think it a valid defense to say, "I got an unsecure email asking for key information with no way to verify. I did the proper thing and deleted it to avoid any data or system corruption or criminal malfeasance."

        Or something like that.

        --
        The more things change, the more they look the same
        • (Score: 3, Interesting) by frojack on Wednesday March 05 2014, @08:25PM

          by frojack (1554) on Wednesday March 05 2014, @08:25PM (#11502) Journal

          Had dotdotdot been running a properly configured spam filter he would never have seen this message, so you have to assume 95% of the time the company never hears back from the target of this implied threat.

          The translation of that phrase amounts to:
          If you ignore our spam we may have to actually spend 49 cents and send you junk mail via the post office. Registered? Highly unlikely. That costs real money, about 6 bucks [certified-...elopes.com].

          --
          No, you are mistaken. I've always had this sig.
      • (Score: 2, Interesting) by neagix on Wednesday March 05 2014, @10:26PM

        by neagix (25) on Wednesday March 05 2014, @10:26PM (#11554)

        Completely ignore them, do the audit yourself, make a report about which licenses you need to buy to have everything compliant.

        At this point:
        1) keep this report alive for your internal awareness, and keep it updated -OR-
        2) buy all the missing licenses -OR-
        3) plan if you can cut some licensing costs by dismissing unused applications and/or replace with open source software

        And keep in mind that jerks usually come in waves, but you need to hand them the keys of your business to let them in. In most countries only police forces - when authorized by a judge - can break into a building.

        • (Score: 1) by goodie on Thursday March 06 2014, @12:41AM

          by goodie (1877) on Thursday March 06 2014, @12:41AM (#11628) Journal

          I'd tend to agree with this! If you are not legit you should be. That being said, a quick search seems to point at several people reporting audits from that company in Australia or New Zealand (see for example a company called Veridan talking about Accordo).
          In any case, they are listed under the Microsoft Software Asset Management website (http://pinpoint.microsoft.com/en-AU/partners/Accordo-Group-4295754790/appsandservices?LocId=293711339324454/ [microsoft.com]) although I'm not sure I'd still give them any credit at this point.

          I would ignore this and wait for a follow-up on their part, and then if that ever comes, I'd ask to be contacted by someone from MS to validate the authenticity of their claims (can never be too sure these days with all phishing attempts people do ;) ). Either way I'd never just let someone in like that, you may have very sensitive information on your IT assets and not be willing to let strangers barge in and have access to them, plant malware etc.

          Interestingly, from looking at the MS website and that company's own website, I fail to see where they have any rights to perform these kinds of things for a publisher. It sounds more like engaging customers into an expensive audit and licensing/marketing upgrade process to shell out some cash, probably some of which goes back in their own pocket. They certainly don't describe themselves as the software audit police or something...

          For all you know, they send this bullshit letter to about 100 companies every month and hope to get paid for their audit by MS if they are paid on commission or something (that is, if they do prove to be legit to begin with...).

      • (Score: 1) by artman on Thursday March 06 2014, @02:09AM

        by artman (1584) on Thursday March 06 2014, @02:09AM (#11657)

        You stopped one word short

        "A more formal communication may be made"

        --
        No Sig for me Thanks
  • (Score: 4, Insightful) by Blackmoore on Wednesday March 05 2014, @07:12PM

    by Blackmoore (57) on Wednesday March 05 2014, @07:12PM (#11470) Journal

    While Microsoft does employ a team to perform software audits, this is clearly a scam (Microsoft would have the spelling for the Company name correct).

    either ignore them - or work with law enforcement so the scammers can be arrested.

    • (Score: 2) by dotdotdot on Wednesday March 05 2014, @07:20PM

      by dotdotdot (858) on Wednesday March 05 2014, @07:20PM (#11473)

      Thank you. That was one of the biggest red flags I saw. Microsoft has my correct name and company information in their Volume Licensing Service Center (formerly eOpen).

      • (Score: 2) by Blackmoore on Wednesday March 05 2014, @10:49PM

        by Blackmoore (57) on Wednesday March 05 2014, @10:49PM (#11565) Journal

        what's most painful is these guys are either hoping to find an idiot who can't see a misspelling, or they can't be bothered to look you up and get it right.

        • (Score: 2, Informative) by qwade on Wednesday March 05 2014, @11:51PM

          by qwade (1006) on Wednesday March 05 2014, @11:51PM (#11603)

          Or it's part of the selection mechanism - anyone who doesn't clue on that their own company name is misspelled is more likely to be an easier mark...

  • (Score: 2) by nitehawk214 on Wednesday March 05 2014, @07:18PM

    by nitehawk214 (1304) on Wednesday March 05 2014, @07:18PM (#11471)

    Trust in Ackbar.

    --
    "Don't you ever miss the days when you used to be nostalgic?" -Loiosh
  • (Score: 5, Insightful) by Grishnakh on Wednesday March 05 2014, @07:22PM

    by Grishnakh (2831) on Wednesday March 05 2014, @07:22PM (#11474)

    Don't want to worry about audits? Don't use Windows.

    • (Score: 2) by jt on Wednesday March 05 2014, @11:15PM

      by jt (2890) on Wednesday March 05 2014, @11:15PM (#11579)

      It's another cost of doing business with Redmond. Must factor in the time, money, and disruption, in addition to the licence and upgrade treadmill costs. I sure as hell would not put myself in a position where a private company would rummage around in my network, but my employer would rather give up their collective testicles than give up Excel.

      • (Score: 2) by Grishnakh on Thursday March 06 2014, @04:24PM

        by Grishnakh (2831) on Thursday March 06 2014, @04:24PM (#12028)

        Yep. I just wish they'd stop complaining about it. They signed up for that treatment, so they have no right to complain about these audits or other bad treatment by their vendor.

    • (Score: 0) by Anonymous Coward on Thursday March 06 2014, @05:36PM

      by Anonymous Coward on Thursday March 06 2014, @05:36PM (#12067)

      This. Enjoy the ride, sucker.

  • (Score: 4, Interesting) by dogstar13 on Wednesday March 05 2014, @07:52PM

    by dogstar13 (1500) on Wednesday March 05 2014, @07:52PM (#11487)

    I went through this last year with the Canadian division of my company. At first I thought it was bullshit, but I was able to validate it directly with Microsoft and it turned out to be legitimate. Microsoft is employing some of their partners to conduct these software audits. It wasn't that big of a deal. More hassle than anything. Just last week we received an audit notice for our US division. Evidently sales are weak at Microsoft and they're sending their goons out to shake down their customers.

  • (Score: 5, Informative) by r00t on Wednesday March 05 2014, @07:53PM

    by r00t (1349) on Wednesday March 05 2014, @07:53PM (#11488)

    Could be a scam too, as in someone posing as Accordo to get inside your biz and plant malware or other nefarious purposes (Especially if you're a bank, or other high value target). I would look for a telephone number on the letter. Call them and ask for a contact at Microsoft who they work with. Next, google Microsoft's license support number. Don't call any numbers "Accordo" gives you. Explain the situation. Ask them how you are supposed to verify the "Accordo" audit group is legit. It should be interesting.

  • (Score: 3) by EvilJim on Wednesday March 05 2014, @08:35PM

    by EvilJim (2501) on Wednesday March 05 2014, @08:35PM (#11504) Journal

    general rule, if anyone contacts you out of the blue for anything to do with your systems, tell them to fuck off. even if it is Micro$oft, wait until they're pounding on your front door with the police before you let the goons in. I had a call not long ago from someone pretending to be our new account manager from Dell... well we've never bought brand new from Dell so that was the first red flag, checked with Dell and they confirmed they do not cold call for that type of thing. I kept the guy talking for a while just for fun but should really have just asked which office he was from so I could call him back on the advertised office number, that would've stopped him in his tracks. might be slightly different if they've been doing this semi-legally for some time though.

  • (Score: 2, Interesting) by egcagrac0 on Wednesday March 05 2014, @09:30PM

    by egcagrac0 (2705) on Wednesday March 05 2014, @09:30PM (#11528)

    If you've done business with them before, maybe.

    If you haven't done business with them before, no.

    So, if my vendor that I purchased my volume licenses from sent me a letter suggesting that Microsoft is mandating a compliance audit, yeah, I'll consider it.

    If someone I've never bought anything from says "we want to audit your operation and sell you more stuff based on our findings", uhh, no.

    • (Score: 3, Informative) by dogstar13 on Wednesday March 05 2014, @09:43PM

      by dogstar13 (1500) on Wednesday March 05 2014, @09:43PM (#11537)

      I went through this process last year. The MS partner conducting the audit is prohibited from selling you anything. If you have to buy a few licenses to true up you do that through the vendor of your choosing. It's still bullshit though.

  • (Score: 3, Interesting) by hubie on Wednesday March 05 2014, @10:31PM

    by hubie (1068) Subscriber Badge on Wednesday March 05 2014, @10:31PM (#11557) Journal

    Isn't this what the BSA [bsa.org] (Business Software Alliance) was for, shaking you down with legal threats? Do these guys belong to the BSA? You might want to check that first.

  • (Score: 2, Informative) by Cornwallis on Wednesday March 05 2014, @11:59PM

    by Cornwallis (359) on Wednesday March 05 2014, @11:59PM (#11611)

    Years ago I had just started as IT mgr at a large company and received a similar letter from a legal firm. I was jumpy enough due to being new on the job and wanted to make sure we were compliant. (I wanted to make sure we were compliant anyways...) The ONLY result of completing their audit was to start getting bombarded by M$ marketing bullshit trying to get us to upgrade & buy more. (BTW, our audit proved we were compliant.)

  • (Score: 1) by SecurityGuy on Thursday March 06 2014, @01:11AM

    by SecurityGuy (1453) on Thursday March 06 2014, @01:11AM (#11636)

    'Microsoft would like to work with your company to review all Microsoft software products in use throughout your organization.'

    That's nice. I would also like a pony. So?

    I have to agree that there's too much wrong with this for me to waste any time on it. I get tons of spam/scam email, so I'm sorry, but an email to my misspelled name at my misspelled company telling me Microsoft wants something that ISN'T from Microsoft or from someone claiming to be their law firm would have been deleted already.

    I suppose if I really wanted to CMlegalA, I'd just reply that I think they're a scammer and they should proceed with more "formal communication" if they're not.

  • (Score: 3, Insightful) by dotdotdot on Thursday March 06 2014, @04:01AM

    by dotdotdot (858) on Thursday March 06 2014, @04:01AM (#11728)

    Not sure if this is appropriate SNetiquette, but thank you to everyone who responded. I appreciate all the honest feedback and recommendations.

    And thank you, SN, for not trolling this to death and turning it into a microsoft bashing party. This is so much better than what a certain older site had become.

  • (Score: 1) by LM-Els on Thursday March 06 2014, @07:45AM

    by LM-Els (2466) on Thursday March 06 2014, @07:45AM (#11824)

    If I'd received that email and not been sure of its authenticity or validity, I'd contact Microsoft directly, to inform them that some company is trying to impersonate a relationship with them, forwarding the email with headers and all.

    I've once done this with an email that seemed to come from my bank, but from a different server than usual. In that case, the bank replied the email was indeed from them, and they would look into the fact that it looked bogus. (and gave me the URL on the bank website where I could check exactly which emails had gone out to customers).
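
Sir Garlon's advice above to read the full SMTP headers, and LM-Els's habit of forwarding a suspect message with its headers intact, can be turned into a small triage script. This is an added example, not part of the original thread: the sample message is constructed, every domain in it is a reserved `.example` name, and the `brand_domains` mapping is an assumption the caller supplies.

```python
"""Triage the headers of a suspicious "vendor audit" email (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, NOT the email from the thread. Every domain is a
# reserved .example name and the IP is from the documentation range.
SAMPLE = """\
Return-Path: <bounce@bulk-mailer.example>
Received: from mail.bulk-mailer.example (mail.bulk-mailer.example [192.0.2.10])
\tby mx.smallbiz.example with ESMTP; Wed, 05 Mar 2014 10:00:00 -0500
Authentication-Results: mx.smallbiz.example; spf=pass; dkim=none
From: "Microsoft SAM Review" <reviews@license-partner.example>
Reply-To: reviews@license-partnor.example
To: it@smallbiz.example
Subject: Microsoft Volume License SAM License Review

Body omitted.
"""


def domain_of(header_value):
    """Lower-cased domain of the first address in a header, or '' if none."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss domain spellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def review_headers(raw, brand_domains):
    """Return a list of (code, detail) findings for one raw message.

    brand_domains maps a brand name to the domains it really sends from;
    the caller maintains it (assumption for this example).
    """
    msg = message_from_string(raw)
    display, _ = parseaddr(msg.get("From", ""))
    from_dom = domain_of(msg.get("From"))
    findings = []

    # Replies and bounces going somewhere other than the visible sender.
    for header in ("Reply-To", "Return-Path"):
        dom = domain_of(msg.get(header))
        if not dom or dom == from_dom:
            continue
        if edit_distance(dom, from_dom) <= 2:
            findings.append(("lookalike", f"{header} {dom} is a near-miss of {from_dom}"))
        else:
            # Common for legitimate bulk mail too, so treat as informational.
            findings.append(("mismatch", f"{header} {dom} differs from {from_dom}"))

    # Display name invokes a brand the sending domain does not belong to.
    for brand, domains in brand_domains.items():
        owned = from_dom in domains or any(from_dom.endswith("." + d) for d in domains)
        if brand.lower() in display.lower() and not owned:
            findings.append(("brand-in-display-name", f"'{display}' sent from {from_dom}"))

    # Only trust the Authentication-Results header added by your own MX.
    auth = " ".join(msg.get_all("Authentication-Results") or [])
    if not re.search(r"\bdkim=pass\b", auth):
        findings.append(("no-dkim-pass", "receiving server recorded no passing DKIM"))
    return findings


if __name__ == "__main__":
    for code, detail in review_headers(SAMPLE, {"Microsoft": {"microsoft.com"}}):
        print(f"{code:24} {detail}")
```

A finding is a prompt to verify the sender through a contact you looked up yourself, as several commenters suggest, not proof of fraud on its own.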