Skype attacks threaten 300 Million Users: How to Protect Yourself

A new phishing campaign targeting Skype users is particularly convincing.

The attack comes in the form of an email warning recipients that there are multiple Skype notifications and that they need to click a "review" button, which, according to researchers at Cofense, brings up a fake Skype login page.

The fake Skype page has a ".app" web address suffix and is protected by HTTPS, which gives the fake a bit of legitimacy. (The .app top-level domain is managed by Google and used by software developers.)

The scammers are quite clever. Because the link in the email message has a unique identifier, you will see your name already filled out in a login box that looks just like the real thing.

There is even a notice that your company's "system is for authorized users only" and that "illegal users will be prosecuted."

After the simple last step of entering your password, that password becomes the hacker's password and your Skype account becomes their account. If the same username and password are used for other accounts, the bad guys will probably steal those as well. (Re-using passwords is a very bad idea for exactly this reason.)

You may wonder why an attacker already knows your name, email address, and place of employment. The most obvious answer is that they got some of that information by scouring LinkedIn (like Skype, a Microsoft subsidiary), but to be fair, many companies have very helpful "who we are" pages.

If you are one of Skype's 300 million monthly users, there are things you should know to protect yourself. The only clue that this login page is a fake is the URL, or website address: in the example provided by Cofense, it was "skype-online0345.web.app," but a real Skype page should have an address ending in "skype.com".

The part of the URL immediately before ".com", ".net", or ".edu" is the most important part of the URL in web addressing, so just having "skype" somewhere in the URL does not make it authentic.
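For readers who filter links in a mail gateway or helpdesk tool, here is that rule as an added example (not from Cofense or Skype). It contrasts a "contains skype" check with a check on where the hostname ends; apart from the hostname quoted above, the sample links are constructed and the function names are hypothetical.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "skype.com"  # per the article: real pages end in skype.com


def naive_check(url: str) -> bool:
    """Flawed check: accepts any URL that merely contains the brand name."""
    return "skype" in url.lower()


def host_of(url: str):
    """Return the lowercase hostname of an http(s) URL, or None."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    # .hostname drops any "user@" prefix and port; strip a trailing root dot.
    return parts.hostname.rstrip(".")


def is_trusted(url: str, trusted: str = TRUSTED_DOMAIN) -> bool:
    """True only if the host is the trusted domain or a subdomain of it."""
    host = host_of(url)
    if host is None:
        return False
    # The leading dot matters: "notskype.com" must not match "skype.com".
    return host == trusted or host.endswith("." + trusted)


# Constructed sample links; only the first hostname comes from the article.
SAMPLES = [
    "https://skype-online0345.web.app/",
    "https://login.skype.com/login",
    "https://skype.com.account-review.example/",
    "https://skype.com@account-review.example/",
    "https://notskype.com/",
    "HTTPS://WEB.SKYPE.COM./",
]


def classify(urls):
    """Return (url, naive verdict, strict verdict) for each link."""
    return [(u, naive_check(u), is_trusted(u)) for u in urls]


if __name__ == "__main__":
    for url, naive, strict in classify(SAMPLES):
        print(f"{url:45} naive={naive!s:5} strict={strict}")
```

The naive check accepts all six links, while the hostname check accepts only the two whose host actually ends in "skype.com".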

If you fall for this phishing scam or a similar one, you should change your Skype password immediately, as well as those of any other sites that used the same password.

Make sure your passwords are strong and unique, and do not reuse them. One of the best password managers can be of great help.
