Fausta's blog

Faustam fortuna adiuvat
The official blog of Fausta's Blog Talk Radio show.

Monday, March 24, 2008

Skype sucks: The Phishing

Today at 7AM Eastern I received a message saying that my Skype password had been changed. I immediately went into my account, reset the password through my email faustaw@yahoo.com and signed into Skype again.

About half an hour later I received another Skype message saying the password had been changed again, but this time my faustaw@yahoo.com password had been changed also and now I can not use either that email address or my Skype account.

Then I filed a Support Request with Skype.

It's 1:35PM. Still waiting.

The faustaw@yahoo.com email account is now disabled.

1:39PM: Skype "reply"
Thank you for contacting Skype Support!
This email is confirmation that we have received your request and a Customer Support Specialist will be working to get back to you with an answer as soon as possible.
Because the majority of requests require research to resolve, it can sometimes take us up to 48 hours to respond, though we make every effort to get back to you as quickly as possible and most queries are answered within 24 hours.
Though we will do our best to respond to you as quickly as possible, sometimes the best way to get immediate answers is to search our knowledgebase at http://support.skype.com where you can find answers to questions like:
• How to Use Skype
• Skype In/Skype Out
• Skype Voicemail
• Skype Privacy & Security
• And many other questions
You can also find helpful step by step User Guides at http://www.skype.com/help/guides/ that will help walk you through things like:
• Getting Started Using Skype
• Installing Skype
• Adding a Skype Contact
• Making a Skype Call
• And many more
We hope this is helpful and again, thank you for contacting us. We’ll be getting back to you as soon as possible!
Sincerely,
Skype Support
Please do not reply to this automated email,
we will reply to you directly from your support request.
By the way, late in 2007 someone had used my Skype credit to call numbers in Morrocco during the weekend of November 30 to December 2. It took some doing to get the amount reinstated.

While on chat in MidStream Radio, Drive Time Talk Time suggested I read this, Password has changed automatically

It goes back to last year and Skype is still vulnerable to phishing. The forum reply was that "the password can only be changed if som someone knows it..."

The problem is, someone's figured out how to access the Skype passwords.

Update:
The Husband, "Someone's out to get you".
I roll my eyes and supress the urge to strangle.

Digg!

Share on Facebook

Labels:

4 Comments:

At 5:08 PM, Blogger Pat Patterson said...

It's the Food Police! Or else some Tangonistas!

 
At 6:08 PM, Blogger Fausta said...

LOL
Tonight's tango class, and trust me, I so look forward to it!

 
At 12:03 PM, Blogger Teresa said...

When you received the email, I hope you didn't use any link within the email to go change things! If so, that would be how they got the password for skype and for yahoo. The link itself in a phishing email will redirect you to a bogus site or even put a pop up on a real site... that's when it steals your information.

Email alert rules to live by:

- NEVER click on a link sent via email telling you to change your information - EVER... this can not be stressed strongly enough! Even if you trust the sender!
- have a bookmark (in your own bookmark folder) available for all places you do business. (example skype's home page)
- if you don't have a bookmark, then type in the url directly for the homepage of the business or Google it!
- Never retype a link send in the email itself it could be one that is "close" but not quite spelled the same and you might not catch it, thus even typing it in you can be redirected.

For that matter - if you receive an email telling you something has changed - there should be (at any reputable web site) a link to contact them about suspicious email. (generally these emails are abuse@xcompany.com)

You then save the entire email and forward it to the company as an attachment (so none of the original email headers are lost). With the question: Did you send this to me? If not, it might not do any good to forward... but then again it might. At least they would be aware of a phisher.

If they did send it - and a password was changed without your consent - then they need to fix it on their end. You shouldn't be trying to fix it yourself because the account has already been compromised.

Good luck getting it straightened out - phishers should all be consigned to the lowest circle of hell.

 
At 11:25 AM, Anonymous Anonymous said...

Thank you for contacting Skype Support.

We do not have live phone or chat support and all our support is conducted by e-mail. We do not plan to have live support in near future.
All information about any matter have to be forwarded and received by email.

They email you back in about a week (I mean an actual form letter someone has edited with your name...) It's freaking ridiculous. They don't give a rats ass.

 

Post a Comment

Links to this post:

Create a Link

<< Home