10 Signs of a Fake Microsoft Audit

Do you know how to spot a fake Microsoft Audit?  Learn the 10 Signs of a Fake Microsoft audit, and avoid a trap that could cost your organizations hundreds of thousands of dollars.

  1. You are contacted by a person using a “V-“ microsoft address, formatted like
    v-john.doe@microsoft.com”. These are not real Microsoft employees, but temporary employees or partners.  They do not have the authority of Microsoft to initiate a mandatory Microsoft audit.
  2. It’s not your Microsoft licensed partner. You don’t know the company or the person sending the email, and have not done business with them in the past.
  3. They ask for an email address where they can send some forms to be filled out.
  4. The person’s linkedin says they work at microsoft, but also says they work for another company (their real employer, the Microsoft partner).
  5. The email address the person uses may not match their name because multiple people use it to spam these requests. In fact, the person may not even exist, and the senders use a continually changing fake name, in order to stymie internet searches for the person.
  6. Possible File Names:
    1. Updated Copy of Deployment Summary SAMC.XLSX
    2. SAM+C Engagement.pdf
  7. The company is located in Atlanta GA, Fargo ND, Australia, or New Zealand.
  8. The audit letter is only delivered by email, not by paper mail.
  9. The audit email talks about penalties for refusing a Microsoft audit, not the voluntary partner audit, which is what the sender is proposing.
  10. Possible audit letter appearance:10 Signs of a Fake Microsoft Audit

You can research the issue to verify its veracity, but will likely find misleading results as such rogue partners will evolve their approach.  The truth is that they function as revenue generators and that those partners neither have the authority nor intention of actually conducting an audit.  Their goal is to get the organization to incriminate itself by sending the information.

These partners engage in a fishing expedition – or a phishing expedition –  looking for organizations and IT workers who are unaware of this practice and want to stay in compliance with their vendors. They will attempt to contact multiple people at the organization to solicit information.  If the organization ignores or refuses the information request, they will threaten to subject the organization to a full audit, and to disable any active Microsoft software.

But by completing and submitting these requests for information, the organization can give the partner the information it needs to share with the vendor who will then declare the organization out-of-compliance. In every scenario, the partner will strongly push the organization to purchase the additionally needed licenses from the partner themselves.

Audits initiated by Microsoft SAM partners are ALWAYS voluntary, and declining the offer will not always, or even often, lead to a formal audit by Microsoft, known as a Microsoft LLC audit.  An official Microsoft LLC audit will be initiated by a major accounting firm.  You will get an audit letter via snail mail from KPMG, Deloitte, or similar.

Download

The Definitive Guide to Microsoft Audits

by Miro Consulting

While this particular type of audit notice isn’t a real Microsoft audit, your organization may receive a real Microsoft LLC audit request that it cannot legally ignore.  To learn more about Microsoft Licensing, download The Definitive Guide to Microsoft Audits, or contact us at info@miroconsulting.com.  Miro is NOT a Microsoft Partner, and shares no information with Microsoft or it’s partners.