Every week, Southwest Florida business owners forward us ads for “discount Microsoft licenses” and ask the same question: Is this legit, or are we going to get burned?
A recent federal indictment out of the Middle District of Florida is a clear reminder that when it comes to Microsoft licensing, too cheap can get very expensive.
What Happened in the Heidi Richards Case
According to a January 2024 indictment, Heidi Richards, owner of Trinity Software Distribution, Inc. in the Tampa area, is accused of running an illicit Microsoft licensing operation for years.
Prosecutors say Trinity:
- Bought large quantities of Microsoft Certificates of Authenticity (COA) labels and product activation keys from a Texas company (“Company A”).
- Received these keys in bulk via spreadsheets and email, not through normal OEM or cloud licensing channels.
- Resold the keys and labels as if they were legitimate Microsoft licenses, often at deep discounts.
Between 2018 and early 2023, Trinity allegedly sent over $5.1 million to Company A for software products, including:
- Windows 10 Pro and Home COA labels by the thousands.
- Office 2019 and Office 2021 OEM and retail product keys.
- Keys and COAs that were never supposed to be sold “loose” or separated from the hardware or media they were meant to authenticate.
The indictment charges Richards with:
- Conspiracy to traffic in illicit labels (18 U.S.C. § 371).
- Trafficking in illicit labels for Microsoft Windows 10 Pro (18 U.S.C. § 2318).
- Trafficking in unauthorized access devices – Microsoft product activation keys – in 2020 and 2022 (18 U.S.C. § 1029(a)(2)).
- Possession of 15+ unauthorized access devices (18 U.S.C. § 1029(a)(3)).
Prosecutors are also seeking at least $242,000 in forfeiture, and the indictment lays groundwork to seize any proceeds and property tied to the alleged scheme.
It’s a stark example of what happens when a reseller turns “cheap keys” into a business model.
Why This Matters to Southwest Florida Businesses
This case isn’t just about one distributor in Tampa. It highlights real risks for any business owner in Fort Myers, Naples, Cape Coral, Punta Gorda, or elsewhere who buys Microsoft licenses from the wrong place.
Microsoft’s licensing model is complicated on purpose: different SKUs for home, student, OEM, academic, refurbisher, and volume channels. Most of the time, the “crazy good deals” you see online rely on keys that were diverted from those channels and misused.
The indictment calls out several key points that should make any buyer pause:
- COA labels are not supposed to be sold loose. They must be affixed to a device or shipped with genuine media. Selling them standalone is a red flag.
- Bulk keys via spreadsheets and email are not a normal channel. Legitimate licensing uses portals (like CSP), OEM agreements, or refurbisher programs with traceable entitlements.
- Deep discounts from unknown wholesalers are a warning sign. When prices are far below what authorized partners and Microsoft’s own programs offer, there’s usually a reason.
- Microsoft does send cease-and-desist letters. The indictment notes prior civil action and injunctions against Company A before this criminal case.
If your business gets caught using illicit keys, “We didn’t know” won’t make the risk go away. You can face:
- Forced relicensing at full cost, often under tight timelines.
- Audit findings and legal exposure.
- Operational disruption if keys are blocked and systems stop activating.
Red Flags: How to Spot Illicit Microsoft Licensing
Based on this case and Microsoft’s own guidance, here are practical red flags to watch for:
- Keys delivered in bulk via spreadsheets or email. Especially if you’re handed a list of 50, 100, or 1,000 keys in a CSV or Excel file.
- COA labels sold as a separate product. Labels should be physically attached to hardware or genuine media, not mailed in plastic bags or envelopes.
- Pricing that’s “too good to be true.” If the per-license cost is dramatically below CSP, OEM, or volume pricing, assume you’re not getting a clean entitlement.
- High failure rate on activations. If customers or your own staff frequently complain that keys don’t work, or you’re constantly swapping out keys, something is wrong upstream.
- Vague or foreign suppliers. If you can’t clearly identify the company, their status with Microsoft, or their country of operation, that’s a problem.
If your current vendor or offer hits more than one of these, it’s time to ask hard questions.
What Legit Microsoft Licensing Looks Like
Legitimate licensing isn’t perfect, but it does have a few consistent traits:
- Clear channel. CSP (cloud solution provider), OEM, Volume Licensing, or an authorized refurbisher (MAR). You should know which one you’re on.
- Traceable paperwork. Invoices, agreements, and tenant records that map licenses to your business and your users.
- No “standalone” COAs. Labels come attached to hardware or sealed media, not as a separate commodity.
- Reasonable, transparent pricing. Discounts are possible, but they’re within a realistic range of Microsoft’s own programs.
If your licenses don’t fit that pattern, you may be sitting on a silent risk.
SWFIT’s Advice: Don’t Let Licensing Become a Blind Spot
At SWFIT, we see licensing as part of your overall security and compliance posture, not just a cost line item.
Our guidance to Southwest Florida organizations:
- Inventory where your Microsoft licenses came from. CSP partner, direct Microsoft agreement, OEM, refurbisher, or “mystery wholesaler.” Write it down.
- Flag any keys that arrived as spreadsheets or bulk email lists. Treat these as high-risk until proven otherwise.
- Standardize on authorized channels. Use a trusted CSP partner or direct Microsoft programs for future purchases.
- Plan for cleanup if needed. If you discover questionable licenses, build a phased plan to replace them with clean entitlements before an audit forces your hand.
And remember: vendors that play fast and loose with Microsoft licensing are often cutting corners elsewhere too. If they’re willing to sell you gray-market keys, what does their security, support, and documentation look like?
Need a Quiet Checkup on Your Microsoft Licensing?
If you read about the Trinity Software indictment and felt even a small “I hope that’s not us,” you’re not alone. Plenty of good businesses have inherited messy licensing from past vendors or internal shortcuts.
SWFIT helps Southwest Florida organizations:
- Review current Microsoft 365 and Windows licensing sources.
- Identify high-risk or non-compliant license types.
- Design a clean, right-sized licensing strategy going forward.
You shouldn’t have to become a software licensing detective to stay out of trouble. But you also can’t afford to ignore the risks when real-world cases like this are happening in our own state.
If you’d like a confidential licensing review or a second opinion on a suspicious “too good to be true” offer, SWFIT is here to help.