A new report by TechRepublic states external Microsoft vendors are using scam-like sales tactics to coerce system administrators and IT departments into upsells. TechRepublic came across the scam through a /sysadmin/ subreddit thread. In the thread, sys admins detail how sales reps contact corporate IT departments with a request for a "voluntary audit" to make sure they are up to date and compliant with their licenses.
Some of these audits seem to be centered around Oracle's change in licensing SQL Server by cores instead of per socket. Referencing terms like these, sales representatives ask for a voluntary audit to make sure all their software licenses are in order with their contracts.
IT staff are asked to fill out spreadsheets which list out all of an organization's technology infrastructure and the relevant licenses. The sales representative then turns this information around on the IT department, pointing to places where there might be perceived issues of noncompliance and insufficient licenses. Sales reps then use threats of noncompliance as an opportunity to upsell upgrading to Office 365 to the cloud.
But as TechRepublic notes:
These audits may be presented with strongly worded language, noting a particular deadline or risk of fine for noncompliance, though these are effectively empty threats.
Furthermore, TechRepublic investigated the matter to find that actual audits from Microsoft are generally not conducted via email. The article also noted that email addresses which start with "v-" in front of the person's @microsoft.com address are from external vendors. And "a voluntary audit can safely be ignored if coming from an email address with" the [email protected] format.
TechRepublic spoke with the CEO of Triton Technologies, who said his company "been subjected to 'multiple audits' which 'produced nothing' and 'wasted a tremendous amount of my company's resources in an attempt to upsell products... [as] a new way of attempting to sell Office 365 through any means necessary.'" So in an interesting twist, James Sanders of TechRepublic came up with "the first-world anarchist's guide to destroying and audit" to combat how these rogue external vendors waste a company's time.
Sanders bases his guide off of a field manual Office of Strategic Services, the predecessor to the CIA which was created during WWII. Basically, it is a step by step process to play mind games with the rogue sales rep and to make the audit far more time consuming and painful for them than it is for you. You can read TechRepublic report and OSS inspired anarchists guide here.
These scams may be the result of rogue vendors trying to hit their sale quota. But given Microsoft's tarnished reputation with some consumers over forceful Windows 10 upgrades, it might behoove Microsoft to rein in their ISV partners before more companies consider lower cost cloud options like Google Apps for Work.