Yes I am aware of the unsaid rule. Nobody talks about it. Push it under the carpet and thank god for no harm was done. Well, that seems to be the protocol for anyone who has gone through an anti-piracy check by leading software vendors. Except that, they end up harassing a lot of genuine users too. So here is something that I noticed as a trend and hence, sharing our experience in public. Hope it helps a lot of other folks in similar situation.
Recently we got a request each from Adobe and Microsoft for checking the compliance status of their softwares used by us. These emails are meant to get a declaration from us stating how many softwares from these companies are we using and subsequently allow their teams or appointed auditors to conduct an inspection at our premise. The email on behalf of Microsoft was from PwC. Folks emailing us for Adobe had weird email IDs without any name in it, the only thing resembling that the person is an Adobe employee was their signature. This rang a bell and made me suspect that these are outsourced sales agencies.
Surprisingly, the emails which we received from Adobe and Microsoft misspelled names of my colleagues and even the letter that PwC, received from Microsoft (addressed to us) had the same spelling error. It immediately struck me that these are poorly created sales attempts by junior folks who want to threaten people for selling few licenses. Yes, and of course it also reminds me of this. Also since it is hard to find our entity name in public records, Microsoft’s letter referred to us as “Price Baba” and email subjects misspelled our entity name. The representative said that they got the data from Microsoft, which I believe is a lie, they took it from public records. Probably by doing a Google search for funded startups.
I am told by an industry insider that these firms who work on behalf of Adobe/Microsoft get as much as 60% of the money (commission) they extract out of companies who end up buying licenses from them. Of course a lot of times the companies who are pushed for such a ‘voluntary audit’ have to buy a license because they are at a fault. But these firms acting as software vendors are known to force companies and oversell more licenses than they need, just because they plant a fear of dire consequences. Sadly for them, we are a software company that doesn’t pirate stuff. With most of our operations being on the cloud or Ubuntu, I could give it right back to them.
The person speaking to me on behalf of Adobe claimed on the phone that they have ‘proof’ against us. But failed to present it or acknowledge it on email. I presume that the representative was solely relying on the job opening we had for a Graphic Designer as a ‘proof’. He must have then managed to get our contact details and jotted down us as a ‘prospect’. The modus operandi of these sales folks is simple.
1. Find companies
2. Find their email addresses.
3. Find their landline numbers.
4. Find a way to sneak in under the name of an ‘Audit’.
Considering the piracy practices in the market, they probably see good conversions. One of my friend who runs his company with 10s of official licenses from Adobe had got harassed extensively by these folks and told me that they are thick skinned people with no shame, having nothing to lose and possess no legal order/authority to force their way into an audit. He had to drop several emails to Adobe and get the harassment stopped.
In our case, a Microsoft representative went a step further and dropped by at our office uninvited & started asking my colleague about no of people working and other details while pushing for an audit. I sent them an email offering to open up all our conversations (with Microsoft) to our 4 million monthly users on Pricebaba. And as expected, they never replied after that.
Here are some characteristics of these software audit folks, which may well be worth noting:
- They invite themselves to your office. And horribly mis-spell your names.
- They don’t take no for an answer. And do all the tough talking off the record on a call.
- They use weird email IDs and try to cc a lot of folks in subsequent emails (you know *weight* padta hai). Or even if the domain name of the email address appears genuine, the email name itself will appear dubious, probably being generic email IDs given to 3rd parties.
So if you find yourself at the receiving end of such an email/request from a software company. Here are some things to keep in mind.
#4. It is not worth you losing your sleep, distracting yourself from work and unnecessarily worrying about it. I know how that feels when someone accuses you of being a thief and threatening you with 10s of lakhs worth of fines.
#3. Unless they come with legal order/police, no one can enter your office for an audit forcibly. Give it back to them. Record their phone calls if you can!
#2. Look up social engineering as a subject to learn more about the logic behind these calls.
#1: DON’T DO PIRACY. Check all systems at your office regularly for pirated software and content. Help your team learn and embrace the power of open source/free tools or purchase licences for apps you cannot do without.
Header Image Credit: Gigaom
Exact same incident with us!
Points to note:
1. For Adobe: Do not use Acrobat Reader. In the EULA of Adobe Acrobat reader, they can inspect your premises. We had a sales guy from Adobe ( real Adobe) who tried to talk us through and we clearly rejected that we don’t even use Adobe Acrobat reader. Adobe Flash is a plugin and the EULA doesn’t contain anything of this sort BUT its good to have a check often on this.
2. Once Adobe comes in, Microsoft will follow, and then Corel draw. If lets say Adobe doesn’t find anything, they will keep a log of other products saying these companies come under NASSCOM and we will inform others. So if you don’t have Adobe in your system, but if you have corel, you will get reported for that also.
3. My Lawyer in Delhi stated that there are 5000 cases which Adobe and others randomly files. 10% of those may be be a hit. They get information form the job sites or resumes of the developers or linked in etc.
The sales guy who came to us was like you must be using something from Adobe, tell us what you use ! He was just trying to find a clause where they can come and do an audit.
Under no circumstance you should use pirated software.
But more than that never go for the Audit even if you use legal software because of these cheap gimmicks by such sales reps. Over the last 2 years, they have increased a lot.
Finally. Please advise ALL your staff, not to disclose anything out side the company to anyone regarding what tools are being used etc. These guys may come in plain clothes as job seekers just to get some info.
There are some actual audits from Adobe and Microsoft in place as well. Specifically Adobe as they have placed their enterprise product for managing Adobe products in your enterprise, which can create packages based on user profiles (for example you can create groups in AD as designers with Photoshop, Lightroom assigned to them and install the packages accordingly). The Enterprise Admin with access to their portal would at any point of time gonna have idea that how many licenses are being used and by whom and also can revoke the rights to use instantly if the installations are done via Enterprise way than Key Installation (there was some way to block key one as well).
Just a small change , mask your email, before you get hit by more spammers.
It’s public any way, thanks!
And was it followed by them insisting you for a meeting or something? Same thing has happened in my organization and they are insisting for a meting.
Same with us. We are not even service providers, we are small team and the past employees still keep our company name in LinkedIn etc, they think we have lot many employees. Some of MS software like SQL Express, Visual Studio community etc are free to use as per their website, but these people tell some stories to get money. Seriously, MS is becoming more like gunda company after Indian took over as CEO. MS should have clear licensing terms for each product and mention before we download/use, but they don’t do that. Indian govt must act on this as they insist clear labels on the products.
We are facing the same situation. This is the 4th time Adobe have approached us. Standard traits:
1. Strange email IDs
2. “I am escalating this to XYZ”
3. “We are appoint XYZ co. to conduct an onsite audit”
In my first phone call I had very clearly told them that we are a tech company and do no graphics etc related work and everything is in cloud. In addition to company employees NOT having access to install anything on workstations, we do regular audits to ensure that nothing other than browsers is installed.
On top of that we genuine Windows an OSX – and thats about the only 2 softwares that we actually install – thanks to Cloud.
They still keep bugging us with emails from shitty interns with spelling our company name wrong and writing emails with strange grammar! (this email with broken grammar cam from “North & East compliance head” at Adobe – I showed this to my colleagues and a good laugh)
Do not answer their phone calls and the do not fall into the trap of responding to them.
Has anyone been threatened with a legal notice? Well not an actual notice but the PwC shitty interns came over to our premises making a lot of ruckus like goons and threatening us with legal notices. We asked them for a proof and they guy went blank.
Has anyone else been through this? We are a 100% cloub based operation with no Adobe or other softwares installed at all and we do pure development work. Can I sue them for harassing us? Bearing in mind this is India, the BIG names are likely to have advantage in an actual legal tussle.