Yes I am aware of the unsaid rule. Nobody talks about it. Push it under the carpet and thank god for no harm was done. Well, that seems to be the protocol for anyone who has gone through an anti-piracy check by leading software vendors. Except that, they end up harassing a lot of genuine users too. So here is something that I noticed as a trend and hence, sharing our experience in public. Hope it helps a lot of other folks in similar situation.
Recently we got a request each from Adobe and Microsoft for checking the compliance status of their softwares used by us. These emails are meant to get a declaration from us stating how many softwares from these companies are we using and subsequently allow their teams or appointed auditors to conduct an inspection at our premise. The email on behalf of Microsoft was from PwC. Folks emailing us for Adobe had weird email IDs without any name in it, the only thing resembling that the person is an Adobe employee was their signature. This rang a bell and made me suspect that these are outsourced sales agencies.
Surprisingly, the emails which we received from Adobe and Microsoft misspelled names of my colleagues and even the letter that PwC, received from Microsoft (addressed to us) had the same spelling error. It immediately struck me that these are poorly created sales attempts by junior folks who want to threaten people for selling few licenses. Yes, and of course it also reminds me of this. Also since it is hard to find our entity name in public records, Microsoft’s letter referred to us as “Price Baba” and email subjects misspelled our entity name. The representative said that they got the data from Microsoft, which I believe is a lie, they took it from public records. Probably by doing a Google search for funded startups.
I am told by an industry insider that these firms who work on behalf of Adobe/Microsoft get as much as 60% of the money (commission) they extract out of companies who end up buying licenses from them. Of course a lot of times the companies who are pushed for such a ‘voluntary audit’ have to buy a license because they are at a fault. But these firms acting as software vendors are known to force companies and oversell more licenses than they need, just because they plant a fear of dire consequences. Sadly for them, we are a software company that doesn’t pirate stuff. With most of our operations being on the cloud or Ubuntu, I could give it right back to them.
The person speaking to me on behalf of Adobe claimed on the phone that they have ‘proof’ against us. But failed to present it or acknowledge it on email. I presume that the representative was solely relying on the job opening we had for a Graphic Designer as a ‘proof’. He must have then managed to get our contact details and jotted down us as a ‘prospect’. The modus operandi of these sales folks is simple.
1. Find companies
2. Find their email addresses.
3. Find their landline numbers.
4. Find a way to sneak in under the name of an ‘Audit’.
Considering the piracy practices in the market, they probably see good conversions. One of my friend who runs his company with 10s of official licenses from Adobe had got harassed extensively by these folks and told me that they are thick skinned people with no shame, having nothing to lose and possess no legal order/authority to force their way into an audit. He had to drop several emails to Adobe and get the harassment stopped.
In our case, a Microsoft representative went a step further and dropped by at our office uninvited & started asking my colleague about no of people working and other details while pushing for an audit. I sent them an email offering to open up all our conversations (with Microsoft) to our 4 million monthly users on Pricebaba. And as expected, they never replied after that.
Here are some characteristics of these software audit folks, which may well be worth noting:
- They invite themselves to your office. And horribly mis-spell your names.
- They don’t take no for an answer. And do all the tough talking off the record on a call.
- They use weird email IDs and try to cc a lot of folks in subsequent emails (you know *weight* padta hai). Or even if the domain name of the email address appears genuine, the email name itself will appear dubious, probably being generic email IDs given to 3rd parties.
So if you find yourself at the receiving end of such an email/request from a software company. Here are some things to keep in mind.
#4. It is not worth you losing your sleep, distracting yourself from work and unnecessarily worrying about it. I know how that feels when someone accuses you of being a thief and threatening you with 10s of lakhs worth of fines.
#3. Unless they come with legal order/police, no one can enter your office for an audit forcibly. Give it back to them. Record their phone calls if you can!
#2. Look up social engineering as a subject to learn more about the logic behind these calls.
#1: DON’T DO PIRACY. Check all systems at your office regularly for pirated software and content. Help your team learn and embrace the power of open source/free tools or purchase licences for apps you cannot do without.
Header Image Credit: Gigaom