HOTforSecurity
  • Home
  • Threats
    • Security alerts
    • Social Networks Security
    • Mobile & Gadgets Security
    • Tips and Tricks
  • Smart Home Security
  • Digital Privacy
    • Digital Identity
    • Good Practices
    • Data Breach Alerts
  • Work from Home: Safety Tips
  • The ABC of Cybersecurity
  • Security Videos
HOTforSecurity
  • Home
  • Threats
    • Security alerts
    • Social Networks Security
    • Mobile & Gadgets Security
    • Tips and Tricks
  • Smart Home Security
  • Digital Privacy
    • Digital Identity
    • Good Practices
    • Data Breach Alerts
  • Work from Home: Safety Tips
  • The ABC of Cybersecurity
  • Security Videos
HOTforSecurity
  • Home
  • Threats
    • Security alerts
    • Social Networks Security
    • Mobile & Gadgets Security
    • Tips and Tricks
  • Smart Home Security
  • Digital Privacy
    • Digital Identity
    • Good Practices
    • Data Breach Alerts
  • Work from Home: Safety Tips
  • The ABC of Cybersecurity
  • Security Videos
Bogdan BOTEZATU bbotezatu
    Share This!
  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn
  • ReddIt
Industry News

New Wave of Attacks Exploit Skype Support Team to Hijack Users’ Accounts

April 29, 2013
2 Min Read

A Skype user by the handle Ximer had his account stolen six times in a single day by a group of cyber-crooks. According to a post by the victim on the Skype Community forum, the attackers repeatedly conned the Skype support team into handing them control over Ximer’s account.

To restore access to a lost account, the Skype support team asks the user to provide three to five contacts on Skype, one e-mail address associated with Skype and the user’s first / last name. This allows anyone with minimum knowledge of the attacker to abuse the feature and request support control of the account.

“Due to my account being stolen (not hacked) through skype support (because Skype support didn’t verify if the person owned the account or not, just wanted those 3 points mentioned above) my account was used to scam people out hundreds of dollars along with damaging my reputation for my product’s security due to thinking I had low security on my skype account or email address, when in reality, it was Skype Support’s fault my account was stolen, multiple times, and had nothing to do with End-users (me in this case),” Ximer wrote.

It appears Ximer’s account was snatched by a spammer who used the account, which in turn, made him look bad to his customers he was in touch with on Skype.

Skype is not the only company to have implemented a possibly defective account recovery mechanism. A couple of weeks ago, Apple was in a similar position because of improper validation of password reset checks.

Tagsaccount hijack compromise password reset skype

You may also like

Industry News

New ObliqueRAT Malware Campaign Now Integrates Steganography, Researchers Finds

2 days ago
Industry News

Microsoft Issues Exchange Server Updates for Four 0-Day Vulnerabilities Used by Chinese Hafnium APT

3 days ago
Industry News

Android Security Bulletin: Google Issues Fix for Critical Remote Code Execution Flaw in Android System

3 days ago

About the author

View All Posts

Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.

Google Bans Off-Market Updates
US Judge: Hacking into Suspects’ Computers is a No-No
    Share This!
  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn
  • ReddIt

Promo

1.3m
Fans
Like
104.8k
Followers
Follow
2.7k
Subscribers
Subscribe
18
Subscribers
subscribe
1.4m
Fans Love us

Recent shouts

  • Meurig Parri on Microsoft Ends Support for Windows 7. What You Need to Know
  • Kevin on Cable Haunt vulnerability affects millions of Broadcom cable modems
  • Terry on Ransomware attack forces Arkansas CEO to fire 300 employees days before Christmas
  • Martin on 1&1 Telecom GmbH hit by almost €10 million GDPR fine over poor security at call centre
  • Xander on 1&1 Telecom GmbH hit by almost €10 million GDPR fine over poor security at call centre

Time Machine

March 2021
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
293031  
« Feb    

ANTIVIRUS SOFTWARE FOR HOME USERS

Bitdefender Cybersecurity for Smart Home
Bitdefender Complete Protection
Bitdefender PC Protection
Bitdefender Antivirus for Mac
Bitdefender Mobile Security for Android
Bitdefender Product Comparison

BUSINESS SOLUTIONS

Bitdefender GravityZone Business Security
Bitdefender GravityZone Advanced Business Security
Bitdefender GravityZone Enterprise Security
Bitdefender Hypervisor Introspection

TOOLS & RESOURCES

Renewal for Business Customers
Trial Downloads
Free Antivirus
Free Online Virus Scanner
Free Virus Removal Tools
Live Remote Assistance
Free Tools
Bug Bounty
Press Center

Powered by Bitdefender - a leading cyber security technology provider | Copyright © 2008 - 2016. All rights reserved.
  • Home
  • The Team
  • Terms and Conditions
  • Contact
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok