We have recently become aware of a fraud scheme targeting channel partners and want to ensure that you are informed. Fraudsters are posing as end users to create fraudulent Azure accounts, leading to significant consumption for which partners are held accountable.
Here’s how the criminals operate:
- Fraudsters impersonate end users to engage with partners.
- They provide fake registration documents, such as tax certificates.
- Partners open Azure accounts for these "new customers."
- The fraudsters use these accounts for data mining, resulting in high consumption.
- Microsoft often rejects tickets related to this fraud, as their systems have not been compromised
Here are some resources available to better secure your Azure account.
Azure Operational Security best practices
Detect and respond to security alerts - Partner Center | Microsoft Learn
To safeguard your business, please vet out new customers and verify all customer documentation thoroughly and stay vigilant against suspicious activity. If you have any concerns or need further guidance, don't hesitate to contact your local Microsoft team.