from the It's-a-trap! dept.
"I am the IT guy for a small business with about 20 users. We use Microsoft Windows and Office, and I regularly audit our Microsoft volume license usage to make sure we are compliant.
I received an email from Accordo Group Ltd about a Microsoft Volume License Software Asset Management (SAM) License Review. The introduction letter stated, 'Microsoft would like to work with your company to review all Microsoft software products in use throughout your organization. This review process will be undertaken with all customers over a period of time and is intended to help you control your software assets.' The email and all the attachments were written as if they were from Microsoft, not Accordo. My first and last name, as well as the name of my company, were all misspelled.
So this is what I would like to ask SN:
Has anyone else had to deal with this? Are they just phishing for people who will agree to this?"
(Score: 5, Insightful) by dyingtolive on Wednesday March 05 2014, @06:33PM
My bullshit meter is off the charts. My rule is that anything not sent via registered mail is not to be taken seriously.
Don't blame me, I voted for moose wang!
(Score: 2, Funny) by dilbert on Wednesday March 05 2014, @06:38PM
(Score: 4, Insightful) by Sir Garlon on Wednesday March 05 2014, @06:48PM
The misspellings are a huge red flag. Look at the full SMTP headers with a proverbial magnifying glass. I would expect the reply-to header goes to some variant spelling of the accordo.com domain, or some other sleight of hand.
[Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
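The header check suggested in the comment above, as an added example that is not part of the original thread: it compares the From, Reply-To and Return-Path domains against the domain the sender claims, flags near-miss spellings, and lists non-passing SPF/DKIM/DMARC results. The sample message, its addresses and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not the email from the thread); addresses are made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=accordo.com
From: "Microsoft SAM Review" <sam@accordo.com>
Reply-To: licence-review@acc0rdo.com
To: it@smallbiz.example
Subject: Microsoft Volume License SAM Review

Body omitted.
"""

def domain_of(value):
    """Return the lower-cased domain of the address in a header value, or ''."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of a domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def review_headers(raw, claimed):
    """List sender-header findings; these are cues for a human, not proof of fraud."""
    msg = message_from_string(raw)
    findings = []
    for name in ("From", "Reply-To", "Return-Path"):
        dom = domain_of(msg[name])
        if not dom or dom == claimed or dom.endswith("." + claimed):
            continue  # header absent, or the domain (or a subdomain) matches
        kind = "is a lookalike of" if edit_distance(dom, claimed) <= 2 else "differs from"
        findings.append(f"{name} domain {dom} {kind} {claimed}")
    # Only trust Authentication-Results added by your own receiving mail server.
    auth = " ".join(msg.get_all("Authentication-Results") or [])
    for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth):
        if result != "pass":
            findings.append(f"{mech}={result}")
    return findings

if __name__ == "__main__":
    for finding in review_headers(SAMPLE, "accordo.com"):
        print(finding)
```

A Return-Path on a third-party mailer is common for bulk senders, so weigh that finding together with the Reply-To and DMARC results.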
(Score: 4, Informative) by dilbert on Wednesday March 05 2014, @06:49PM
The WayBack Machine [archive.org] shows they've had a web presence for over a decade, and LinkedIn has corresponding profiles for people listed in their about [accordo.com] page.
That doesn't mean they aren't trying to misrepresent their relationship with Microsoft, and are probably very adept at using doublespeak to imply they represent Microsoft, when in reality it looks like they want to represent you to Microsoft for an audit.
I still say BS.
(Score: 4, Insightful) by dyingtolive on Wednesday March 05 2014, @06:58PM
And even if they are on the up and up, who really wants to go looking for an audit?
Don't blame me, I voted for moose wang!
(Score: 5, Informative) by dotdotdot on Wednesday March 05 2014, @07:41PM
Sorry if this is too long, but here is the actual body of the email if anyone cares to read it:
(Score: 3, Insightful) by Blackmoore on Wednesday March 05 2014, @10:56PM
Interesting - this is a pretty accurate email for the microsoft auditing process. It even gives a legit address for the MAP tool www.microsoft.com/map.
still doesn't pass the smell test - (they should have the correct spelling of your company name) so I wouldn't let them in the door.
that said; Microsoft IS shaking down its customers - so you should do a self audit and get the company in line before someone legit does come by.
(Score: 1) by Reziac on Thursday March 06 2014, @03:00AM
Translation (assuming it's a valid letter and not a phish):
We're hoping to catch you using unlicensed copies of Microsoft software. We will then fine you, er, I mean offer to sell you licenses at a premium price, including our 'convenience fee'.
(Score: 2) by davester666 on Thursday March 06 2014, @04:30AM
yeah, this is basically a "please send us all your license and user information, and we will audit it, and if there are any problems, we get a cut of anything you need to pay. Oh, and we'll put the information you send us into a word document and then send it back to you."
i would just ignore it. even responding with a "no thanks" just encourages them to report you to microsoft for an audit, where they still get a cut.
(Score: 5, Interesting) by frojack on Wednesday March 05 2014, @06:46PM
Ignore them, never agree to do this.
The review will go way beyond just Microsoft products, regardless of what they say.
Typically Microsoft will see the same license requesting automated updates from different physical machines, and that suggests to them that you are using the same copy on more than one machine.
Just moving a license, or changing the configuration of a virtual machine that is running windows can cause this. (As can intentional pirating of their products or running bootleg copies of stuff).
This almost never comes out well for you. It will cost you time and money no matter how perfectly compliant and clean your shop is. You may have Original Certificates for every single license in the shop, but just emptying desk drawers and storage bins trying to find them is a huge disruption.
They may threaten court action but the cost to them for carrying through on this is enormous, and they invariably just walk away.
No, you are mistaken. I've always had this sig.
(Score: 5, Insightful) by edIII on Wednesday March 05 2014, @08:31PM
MOD PARENT UP
Responding to these letters is the same stupidity in freely talking to law enforcement.
Unless it's from a local law firm informing you of Microsoft intending to enforce their licensing agreements with an audit, you ignore it. Microsoft, or their representatives (maybe-look at the agreement) are the only ones with legal standing.
Even then, it's still a legal contract. You wait till they threaten to sue, and then you respond back with a friendly worded letter asking them to prove that Microsoft is their client, and the contacts over in Redmond that can verify such legal representation exists.
After that stage, you tell them you want a legal document constructed in which you agree to the terms of the audit to protect you from unreasonable searches in desks, and the even more unreasonable searches in which they want their technician to have free access to systems with business data. They may come back and try to bully you and say you have no right, but it will cost them a crap load of money and time (the same) to go through the process.
Once Microsoft hears about it (from you), and they can see that you have spent thousands with them already, they will drop it like it's poison.
Asking Microsoft, or their representatives to indemnify you and hold you harmless from data breaches as a result of the audit is not unreasonable, especially given that states are progressively enacting heavy fines for such data loss that impacts citizens.
If you just answer anybody and let them in the door because you're afraid, you deserve what may happen.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2, Interesting) by Reziac on Thursday March 06 2014, @03:02AM
My understanding (which comes from attending Microsoft events in years past, and hearing their guy speak on the subject) is that the original certificates will NOT prove your software is 'legal' and properly licensed. For that, you must have the original purchase receipts.
(Score: 2) by frojack on Thursday March 06 2014, @05:46AM
I've heard as much myself, which is all the more reason not to play their game.
Make them pull that stunt in front of a judge.
No, you are mistaken. I've always had this sig.
(Score: 3, Interesting) by goodie on Wednesday March 05 2014, @07:00PM
I've been getting random calls from a supposedly "Microsoft support company about my computer" over the past few months. I can't help but associate these kinds of scams with this. If it's not sent by registered mail with proper spelling, I'd say that this thing is bogus and more about fishing than anything else. If I'm to let someone poke around my office, I'd make sure they are legit and show proper credentials first. In any case, it does not sound like it's mandatory to begin with.
(Score: 4, Informative) by dotdotdot on Wednesday March 05 2014, @07:28PM
This is from the FAQ that was attached to the email:
"A more formal communication" sounds scary!
(Score: 4, Insightful) by bucc5062 on Wednesday March 05 2014, @08:01PM
On the other hand, a more "formal" communication may have more validity in the form of a registered letter. I would think it a valid defense to say, "I got an unsecure email asking for key information with no way to verify. I did the proper thing and deleted it to avoid any data or system corruption or criminal malfeasance."
Or something like that.
The more things change, the more they look the same
(Score: 3, Interesting) by frojack on Wednesday March 05 2014, @08:25PM
Had dotdotdot been running a properly configured spam filter he would never have seen this message, so you have to assume 95% of the time the company never hears back from the target of this implied threat.
The translation of that phrase amounts to:
If you ignore our spam we may have to actually spend 49 cents and send you junk mail via the post office. Registered? Highly unlikely. That costs real money, about 6 bucks [certified-...elopes.com].
No, you are mistaken. I've always had this sig.
(Score: 2, Interesting) by neagix on Wednesday March 05 2014, @10:26PM
Completely ignore them, do the audit yourself, make a report about which licenses you need to buy to have everything compliant.
At this point:
1) keep this report alive for your internal awareness, and keep it updated -OR-
2) buy all the missing licenses -OR-
3) plan if you can cut some licensing costs by dismissing unused applications and/or replace with open source software
And keep in mind that jerks usually come at waves, but you need to handle them down the keys of your business to let them in. In most countries only police forces - when authorized by a judge - can break in some building.
(Score: 1) by goodie on Thursday March 06 2014, @12:41AM
I'd tend to agree with this! If you are not legit you should be. That being said, a quick search seems to point at several people reporting audits from that company in Australia or New Zealand (see for example a company called Veridan talking about Accordo).
In any case, they are listed under the Microsoft Software Asset Management website (http://pinpoint.microsoft.com/en-AU/partners/Accordo-Group-4295754790/appsandservices?LocId=293711 3 39324454/ [microsoft.com]) although I'm not sure I'd still give them any credit at this point.
I would ignore this and wait for a follow-up on their part, and then if that ever comes, I'd ask to be contacted by someone from MS to validate the authenticity of their claims (can never be too sure these days with all phishing attempts people do ;) ). Either way I'd never just let someone in like that, you may have very sensitive information on your IT assets and not be willing to let strangers barge in and have access to them, plant malware etc.
Interestingly, from looking at the MS website and that company's own website, I fail to see where they have any rights to perform these kinds of things for a publisher. It sounds more like engaging customers into an expensive audit and licensing/marketing upgrade process to shell out some cash, probably some of which goes back in their own pocket. They certainly don't describe themselves as the software audit police or something...
For all you know, they send this bullshit letter to about 100 companies every month and hope to get paid for their audit by MS if they are paid on commission or something (that is, if they do prove to be legit to begin with...).
(Score: 1) by artman on Thursday March 06 2014, @02:09AM
You stopped one word short
"A more formal communication may be made"
No Sig for me Thanks
(Score: 4, Insightful) by Blackmoore on Wednesday March 05 2014, @07:12PM
While Microsoft does employ a team to perform software audits, this is clearly a scam (Microsoft would have the spelling for the Company name correct).
either ignore them - or work with law enforcement so the scammers can be arrested.
(Score: 2) by dotdotdot on Wednesday March 05 2014, @07:20PM
Thank you. That was one of the biggest red flags I saw. Microsoft has my correct name and company information in their Volume Licensing Service Center (formerly eOpen).
(Score: 2) by Blackmoore on Wednesday March 05 2014, @10:49PM
what's most painful is these guys are either hoping to find an idiot who can't see a misspelling, or they can't be bothered to look you up and get it right.
(Score: 2, Informative) by qwade on Wednesday March 05 2014, @11:51PM
Or it's part of the selection mechanism - anyone who doesn't clue on that their own company name is misspelled is more likely to be an easier mark...
(Score: 2) by nitehawk214 on Wednesday March 05 2014, @07:18PM
Trust in Ackbar.
"Don't you ever miss the days when you used to be nostalgic?" -Loiosh
(Score: 5, Insightful) by Grishnakh on Wednesday March 05 2014, @07:22PM
Don't want to worry about audits? Don't use Windows.
(Score: 2) by jt on Wednesday March 05 2014, @11:15PM
It's another cost of doing business with Redmond. Must factor in the time, money, and disruption, in addition to the licence and upgrade treadmill costs. I sure as hell would not put myself in a position where a private company would rummage around in my network, but my employer would rather give up their collective testicles than give up Excel.
(Score: 2) by Grishnakh on Thursday March 06 2014, @04:24PM
Yep. I just wish they'd stop complaining about it. They signed up for that treatment, so they have no right to complain about these audits or other bad treatment by their vendor.
(Score: 0) by Anonymous Coward on Thursday March 06 2014, @05:36PM
This. Enjoy the ride, sucker.
(Score: 4, Interesting) by dogstar13 on Wednesday March 05 2014, @07:52PM
I went through this last year with the Canadian division of my company. At first I thought it was bullshit, but I was able to validate it directly with Microsoft and it turned out to be legitimate. Microsoft is employing some of their partners to conduct these software audits. It wasn't that big of a deal. More hassle than anything. Just last week we received an audit notice for our US division. Evidently sales are weak at Microsoft and they're sending their goons out to shake down their customers.
(Score: 5, Informative) by r00t on Wednesday March 05 2014, @07:53PM
Could be a scam too, as in someone posing as Accordo to get inside your biz and plant malware or other nefarious purposes (Especially if you're a bank, or other high value target). I would look for a telephone number on the letter. Call them and ask for a contact at Microsoft who they work with. Next, google Microsoft's license support number. Don't call any numbers "Accordo" gives you. Explain the situation. Ask them how you are supposed to verify the "Accordo" audit group is legit. It should be interesting.
(Score: 3) by EvilJim on Wednesday March 05 2014, @08:35PM
general rule, if anyone contacts you out of the blue for anything to do with your systems, tell them to fuck off. even if it is Micro$oft, wait until they're pounding on your front door with the police before you let the goons in. I had a call not long ago from someone pretending to be our new account manager from dell... well we've never bought brand new from Dell so that was the first red flag, checked with Dell and they confirmed they do not cold call for that type of thing. I kept the guy talking for a while just for fun but should really have just asked which office he was from so I could call him back on the advertised office number, that would've stopped him in his tracks. might be slightly different if they've been doing this semi-legally for some time though.
(Score: 2, Interesting) by egcagrac0 on Wednesday March 05 2014, @09:30PM
If you've done business with them before, maybe.
If you haven't done business with them before, no.
So, if my vendor that I purchased my volume licenses from sent me a letter suggesting that Microsoft is mandating a compliance audit, yeah, I'll consider it.
If someone I've never bought anything from says "we want to audit your operation and sell you more stuff based on our findings", uhh, no.
(Score: 3, Informative) by dogstar13 on Wednesday March 05 2014, @09:43PM
I went through this process last year. The MS partner conducting the audit is prohibited from selling you anything. If you have to buy a few licenses to true up you do that through the vendor of your choosing. It's still bullshit though.
(Score: 3, Interesting) by hubie on Wednesday March 05 2014, @10:31PM
Isn't this what the BSA [bsa.org] (Business Software Alliance) was for, shaking you down with legal threats? Do these guys belong to the BSA? You might want to check that first.
(Score: 2, Informative) by Cornwallis on Wednesday March 05 2014, @11:59PM
Years ago I had just started as IT mgr at a large company and received a similar letter from a legal firm. I was jumpy enough due to being new on the job and wanted to make sure we were compliant. (I wanted to make sure we were compliant anyways...) The ONLY result of completing their audit was to start getting bombarded by M$ marketing bullshit trying to get us to upgrade & buy more. (BTW, our audit proved we were compliant.)
(Score: 1) by SecurityGuy on Thursday March 06 2014, @01:11AM
That's nice. I would also like a pony. So?
I have to agree that there's too much wrong with this for me to waste any time on it. I get tons of spam/scam email, so I'm sorry, but an email to my misspelled name at my misspelled company telling me Microsoft wants something that ISN'T from Microsoft or from someone claiming to be their law firm would have been deleted already.
I suppose if I really wanted to CMlegalA, I'd just reply that I think they're a scammer and they should proceed with more "formal communication" if they're not.
(Score: 3, Insightful) by dotdotdot on Thursday March 06 2014, @04:01AM
Not sure if this is appropriate SNetiquette, but thank you to everyone who responded. I appreciate all the honest feedback and recommendations.
And thank you, SN, for not trolling this to death and turning it into a microsoft bashing party. This is so much better than what a certain older site had become.
(Score: 1) by LM-Els on Thursday March 06 2014, @07:45AM
If I'd received that email and not been sure of its authenticity or validity, I'd contact Microsoft directly, to inform them that some company is trying to impersonate a relationship with them, forwarding the email with headers and all.
I've once done this with an email that seemed to come from my bank, but from a different server than usual. In that case, the bank replied the email was indeed from them, and they would look into the fact that it looked bogus. (and gave me the URL on the bank website where I could check exactly which emails had gone out to customers).