Skype is one of the most widely accepted communication channels for both private and business conversations, mostly for the love of multitasking. It’s not uncommon for users to make payments, check their bank accounts or send emails while talking over Skype.
However if VoIP calls involve more than just casual chit chat, Skype can be pretty dangerous, especially when business or critical information is involved.
‘Don’t Skype and type!’ warn researchers from UC Irvine and University of Padua, after discovering that VoIP software collects the sounds of your keystrokes.
“VoIP software can acquire acoustic emanations of pressed keystrokes (which might include passwords and other sensitive information) and transmit them to others involved in the call,” reads the report.
Electronic eavesdropping is a major vulnerability. Without compromising or infecting the computer with RAT, an attacker could put together the information the victim is typing during calls with 91.7 percent accuracy if the victim’s typing style and keyboard are known. Otherwise, the accuracy drops to 41.89 percent.
Touch-screen or holographic keyboards and keypads are safe to use, such as tablets and smartphones. Luckily Skype is encrypted, making it difficult to record keystrokes if not part of the actual call. Can this technique still be used? Definitely! Skype could use it, for one thing, and give the information it collects through keystroke sounds to third parties such as governments or secret agencies, should a user be suspected of foul play.