Security Corner

Aug 23 2010   1:46AM GMT

Skype Phishing Attempts and Account Hacking – Part 1

Ken Harthun Ken Harthun Profile: Ken Harthun

Friend of mine got this message the other day, purportedly from someone they knew:

hey how are you
sign in there to can see it
this is my page contains my pictures videos of my family....
i like you to see now for me
if you had ot the time take just a look

Do I have to say what happened next? I didn’t think so. I sandboxed my browser and hopped over to take a look at the page source.

My friend was taken to a fake Skype login page that was an exact copy of the real thing. In fact, everything worked exactly like the real Skype login page because all the links, etc. were correct. However, the username and password fields were actually inputs to a script that sent the information to the hackers.

Once the hackers had her password, they logged into her Skype account, changed the password and sent the link to everyone on her contact list. Of course, other people fell for it, thinking it was from someone they trusted, so the thing spread virally until I and several other savvy people got the word out.

It’s easy to stop the hacker and recover your access if you know how; problem is, most people don’t even know where to start. Part 2 will show step by step how to recover a hacked Skype account After I simulate an actual hack with a trusted friend as the “hacker,” I will post part 2 which will give details on what can and can’t be done. Unfortunately, it appears that unless you have an “upgraded” Skype account–meaning you have bought Skype calling credits at some point–you won’t be able to recover your original ID without Skype’s intervention (an ordeal, I’m told).  Stay tuned.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: