Following this up, I did eventually get a followup email and this is legitimate. There are some issues with the report, but that's all part of the process I'm now in.
On Wed, Mar 28, 2012 at 8:45 AM, Jonathan Link <[email protected]>wrote: > I received an email purportedly to be from Microsoft about a Software > Asset Management (SAM) license review (headers looked like it came from MS, > but I'm not an expert). They indicated that they were trying to contact me > this week (it was sent on Tuesday, and the *only* prior contact was a > misdirected phone call into one of our director's voicemail[1]). > > It includes 2 PDFs, one appears to be a report with our name on it, VLPS > Report, and it appears to have some correct information as to the > customerID. There's a deployment summary spreadsheet and a USA FAQ > 2012.pdf. Included in the email are some instructions, a suggestion to use > the Microsoft Assessment and Planning Toolkit to help complete the tasks. > It includes an email address for [email protected] or to contact > another person at Microsoft. > > The person's display name for contacting me is foreign and has (Accenture) > in parentheses. It comes from a microsoft.com email address, however a > reply back to that address generated an access denied NDR, but a reply to > the other individual did not. I haven't received an email (I also > forwareded the email to the other address) in response, and I would have > expected a faster turnaround. The email address did contain a phone > number, however that phone number, according to 800 notes, has been used in > several scams in the past, trying to trick people into giving bank account > information to receive a government grant. A physical address is given, > but it is the address to the Microsoft campus in Redmond. > > So, I cautiously viewed the documents on my iPhone. One document, our > apparent licensing report appears entirely legitimate. I have had a weak > password on the eopen site for a while, just hadn't bothered changing it. > Second PDF (USA FAQ 2012[2]) is not viewable on my iPhone, it just displays > whitespace, as does the excel file. I'm going to take them to a sandboxed > computer to view them later. They also want information returned by April > 16th. > > My other concern is some limited googling has suggested that this might be > legitimate, that Microsoft has engaged in third parties to do this, and > that there are variations of this process, but those could be cleverly > built forums with shills indicating the process is legit, so I turn to this > list for advice. In the body of the email there aren't any instructions on > where to send the information. If the sender can only send email, having > another address to receive this information seems to be necessary. > > > [1] The voicemail was extremely static laden and had several gaps in it. > [2] That's a poorly named FAQ and about the only poorly phrased or worded > item in the email. > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
