By using this site you agree to the use of cookies for analytics, personalised content and ads. Read more

Spoofed message from contact

SOLVED
Go to solution
Casual Tourist

Please find a way to stop this annoying spam ..happened today and I have no idea what to do (Germany)

Flag for a Moderator
Message 311 of 1,418
Routine Adventurer

Possibly related: I see I am still getting failed login attempts from Egypt on my old hotmail account which is not linked in anyway to my Skype account.

Flag for a Moderator
Message 312 of 1,418
Highlighted
Community Manager Emeritus

We’ve been working on the spam problem some of you have experienced. Whilst there has been no breach of the network, or malware exploit of a vulnerability, our investigations indicate that attackers are using a list of stolen usernames and their associated passwords to try and log into Skype accounts. Although most of their attempts are blocked or fail – many of the usernames they try don’t event exist as Skype usernames – a small percentage are successful.

 

Unfortunately, login credentials are highly valued by motivated and resourced cyber criminals whose efforts to steal them are not only a challenge for the IT industry and law enforcement, but society as a whole. Our conclusion is that this issue impacts customers who use, or have in the past used, the same username and password combination they use for Skype on other services as well, and at some time in the past have had those credentials stolen – possibly through a phishing attack or some other form of cybercriminal activity.

 

We started investigating the spam issue when it first appeared and have put in place measures to block the attackers and protect customers. Without giving details that would inadvertently tip off those behind the spam, I can tell you that we have implemented a number of measures to harden the spam detection and login process.

 

With control of a username and password an attacker won’t need your device to be switched on to send spam. The best defence is to change your Skype password. If you can’t remember your Skype password, this guide will help. If you have linked your Skype account to a Microsoft Account, or some other service like Facebook, make sure you change the password you use uniquely for Skype and allow 24 hours for it to take effect. And of course, make sure you choose a strong password. This information will help you. If you haven’t already, you might also consider adding a valid email address and phone number to your Skype profile so we can better help you recover your account should that ever be needed.

 

We take the security of our customers’ accounts very seriously and our vigilance is constant. More advice on how to help keep your Skype account secure can be found here.

 

[Edited on July 29th to highlight information about linked accounts.]


Found a helpful message? Give it a Kudo below to say "thanks"
Did my reply answer your question? Accept it as a solution to help others, Thanks.
Flag for a Moderator
Message 313 of 1,418
Esteemed Adventurer
1. "has been no breach of the network" ... Pretty bold statement, of which you can never be sure, even if your investigation indicates this and you honestly believe it.

2. "investigations indicate that attackers are using a list of stolen usernames and their associated passwords" ... Maybe, but in that case, stolen in real time from Skype and then used.

Note that many of the users that have experienced the issue, had unique, long passwords on accounts that have not been used for years. I find it very hard to believe that such credentials would suddenly surface and start being maliciously used.
Flag for a Moderator
Message 314 of 1,418
Novel Adventurer

...yep, and between all the babble, the supposed "solution" is simply just "change your password" and other seeminginly famiular work arounds, just like you've been telling us for the last month.

Flag for a Moderator
Message 315 of 1,418
Novel Adventurer

Hi Claudius,

My Skype username is not my regular user name (I have that as my personal Skype). I have used it once elsewhere on a service with an entirely different password (I just checked it, also under security that the password I use today was the same as day one).

Are you saying that I have been affected by a different issue?

Flag for a Moderator
Message 316 of 1,418
Novel Adventurer

Same issue,

I changed my Microsoft password.

 

My Skype account is linked to my Microsoft account. AFAIK you can login with either set of credentials (why??). I also realized that Skype has my old email (with a password that I can't recall) so I put in a ticket to get that changed. If a hacker compromised the Skype passwords, then my account will continue to send out spam until my ticket is resolved. So far I heard nothing back.

 

Is this something that will be on all tech sites in the next few days? Where did the hacked passwords / usernames come from if not from Skype DB? I am also reading here that password changes do not work?

Flag for a Moderator
Message 317 of 1,418
Casual Adventurer

Sorry Claudius, but your post must be a joke or you try to fool us with hidden camera or so. There is no logical explanation than this whatsoever. Otherwise you wouldn't post such a non-sense text.

 

Did you even read entire discussion? Your post may cover in maximum half of all cases, but doesn't explain the other half. Which means, wait for it, it's non-sense.

 

Huge disappoitment once again 

 

 

Flag for a Moderator
Message 318 of 1,418
Tourist

"The best defence is to change your Skype password. If you can’t remember your Skype password, this guide will help. If you have linked your Skype account to a Microsoft Account, or some other service like Facebook, make sure you change the password you use uniquely for Skype and allow 24 hours for it to take effect."

Flag for a Moderator
Message 319 of 1,418
Novel Tourist

Someone I know got a Skype message from me saying "please advise" with a link.

 

I can't remember the last time I actually used Skype.  

 

Does anyone know what might be going on?

Flag for a Moderator
Message 320 of 1,418