[URGENT] Skype Support Account Security Issue - CA...

Welcome to the Skype community. To get started please read our short welcome post. Thanks!
Showing results for 
Search instead for 
Do you mean 
Reply

[URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]

Hello,

 

I'm doing this as a warning to the Skype Community. Did you know that anyone can steal YOUR Skype account with just the following?

 

- 3-5 of your contacts on skype

- 1 email you've used on skype at any point

- your first and/or last name

 

That's it. It's extremely simple. My skype was stolen 6 times in one day. Skype support never saw anything wrong with that. It was stolen around 3pm on the first day. I recovered it through skype support with just the information listed above within 30 minutes. In less than 2 hours after recovering my account, it was stolen by another person. The skype then was recovered by a friend of mine while I was at dinner. When I got back and changed the info to my own again, it was stolen later that evening. Another friend recovered it for me and tried to keep the scammer out of my account. 

 

Due to my account being stolen (not hacked) through skype support (because Skype support didn't verify if the person owned the account or not, just wanted those 3 points mentioned above) my account was used to scam people out hundreds of dollars along with damaging my reputation for my product's security due to thinking I had low security on my skype account or email address, when in reality, it was Skype Support's fault my account was stolen, multiple times, and had nothing to do with End-users (me in this case). 

 

Now, before they say, no this is not their policy or they have great support that focuses on security blah blah blah, it's just their bs. I've got plenty of proof and have recorded all my chats with skype support, which prove the support staff are not verifying account owners appropriately. 

 

Picture 1: http://i.imgur.com/eWaDMTI.png (Some personal info removed)

- They did at least ask me if I had purchased premium in the past on that time, however, it wasn't even me, it was a picture from the chat my friend had with support while I was asleep, he just used my name, email, 5 people he knew I had added on skype since I had over 800 contacts, and a random month (he used march 2013, which I was not a skype premium customer at that time and haven't been since last November).

 

Picture 2: http://i.imgur.com/HSvS5of.png (Partial Names blacked out)

- This chat he was trying to alert support about it, they didn't really pay attention or understand what he was saying.

 

My chat with skype support recently on this issue:

 

Part 1: http://i.imgur.com/IkZj4a7.png

Part 2: http://i.imgur.com/n4nNvtd.png

 

Shortly after the conversation I got the email I was waiting for, it was supposed to be their managment / "a higher department" contacting me about the issues. However, instead I got this email:

 

http://i.imgur.com/aUbOFdS.png 

 

Which clearly is not what I asked for them to do in the live chat with Skype support. I told the agent in the live chat that I already got my account back and was informing them of their mistakes hoping to prevent this issue in the future from other people getting their skype accounts stolen and to prevent mine from being stolen again. Not only that, but my account is not currently suspended nor was it when the support agent check it, I logged in a few minutes after that and was able to use it still and am able to at this very moment even though I've emailed two more requests to have it suspended.

 

This issue has cost me time, money, and hurt my business reputation as well as I did some support for customers through skype, the skype account was being used to scam people out of money by the person who had stolen my skype because Skype Support did NOT verify ownership of the account appropriately

 

Why does skype NOT have ANY of the following?

- Security Questions

- 2-factor Authentification

- Good Support that looks into these issues

- Support that can understand plain English and follow through with the request correctly instead of mistaking the my clear request for something different. 

- 24/7 support

- A real security policy to actually verify ownership of accounts

 

Due to this expirence I am trying to alert anyone and everyone I can that uses skype and trying to get Skype to actually change their policy to secure accounts. Even though there are many other issues with skype, let's just tackle one at a time. It's bad enough that anyone can get your real IP address by just knowing your skype username, now they can steal your account by just knowing a little bit of information about you.

 

Hopefully this will bring attention to the issue and prevent issues like this from harming others like it has done to me.

 

Kind Regards,

 

Dylan

@TibitXimer - https://twitter.com/TibitXimer

Ximer
Casual Adventurer
Kudos: 22
Posts: 13
Registered: 27-04-2013
Message 1 of 37 (69,027 Views)

Re: [URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]

[ Edited ]

I watched as this happened, and many other around the same time. There are guides being sold on how to exploit your support team and steal accounts. I no longer feel safe using skype, and I am really scared right now. I share a lot of very personal things on skype  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

Shame on you,

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

EternalTheGod
Casual Adventurer
Kudos: 6
Posts: 7
Registered: 27-04-2013
Message 2 of 37 (68,882 Views)

Re: [URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]

As Eternal stated, there are guides going around on how to easily manipulate Skype Support, which is not hard to do at all, just knowing that basic information will allow anyone to take over your account. The security at skype seems to be non-existent. You can see anyone's IP address by just knowing their skype name, thus knowing where they are, and you can steal their skype account with ease, thus getting access to their recent private chats or skype group chats, along with being able to pretend to be that person which could cause a lot of issues and monetary loss. 

Ximer
Casual Adventurer
Kudos: 22
Posts: 13
Registered: 27-04-2013
Message 3 of 37 (68,878 Views)

Re: [URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]

[ Edited ]

Yes! This...I pay for a service that hides my ip address. Money I could use towards skype if they would secure their xxxxxxxxx Do you know how bad it sucks to get ddosed? Well, if you use your product check your name here: xxxxxxxxxxxxxxxxxxxxxxxxx

 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

EternalTheGod
Casual Adventurer
Kudos: 6
Posts: 7
Registered: 27-04-2013
Message 4 of 37 (68,850 Views)

Re: [URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]

[ Edited ]

Really? xxxxxxxxxxxx

 

Censorship at it's finest...

 

EternalTheGod
Casual Adventurer
Kudos: 6
Posts: 7
Registered: 27-04-2013
Message 5 of 37 (68,848 Views)

Re: [URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]

Yes, there are many flaws with Skype's software. However, this thread is mainly dedicated towards their lack of security policy and support agents handing over accounts without verifying ownership of the account. 

Ximer
Casual Adventurer
Kudos: 22
Posts: 13
Registered: 27-04-2013
Message 6 of 37 (68,777 Views)

Re: [URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]

I really hope they can at least change their recovery policy. 

EternalTheGod
Casual Adventurer
Kudos: 6
Posts: 7
Registered: 27-04-2013
Message 7 of 37 (68,725 Views)

Re: [URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]


EternalTheGod wrote:

I really hope they can at least change their recovery policy. 


I hope so as well, but only time will tell. Hopefully this will get their attention and bring the change Skype Support needs so despriately. 

Ximer
Casual Adventurer
Kudos: 22
Posts: 13
Registered: 27-04-2013
Message 8 of 37 (68,701 Views)

Re: [URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]

I've alerted a few tech sites about this issue and this post to try to get some articles out on it to bring more attention to the issue.

Also, this thread has over 1,400+ views in 2-3 hours.
Ximer
Casual Adventurer
Kudos: 22
Posts: 13
Registered: 27-04-2013
Message 9 of 37 (67,590 Views)

Re: [URGENT] Skype Support Account Security Issue - CAN AFFECT ALL USERS [COMMUNITY ALERT]

Ximer
Casual Adventurer
Kudos: 22
Posts: 13
Registered: 27-04-2013
Message 10 of 37 (66,470 Views)
Reply

© 2014 Skype and/or Microsoft. The Skype name, associated trade marks and logos and the "S" logo are trade marks of Skype or related entities. Use of this website constitutes acceptance of the Terms of Use and Privacy and Cookie policy.

No emergency calls with Skype
Skype is not a replacement for your telephone and can't be used for emergency calling