Skype Account Hjiack Vulnerability Via Skype Support Discovered

Skype is having security troubles again. According to great big red flag raised by a user on the Skype community forums, Skype accounts are extremely vulnerable--through Skype’s own support system. The user, Ximer, said on the forum that anyone can steal your Skype account with very little to go on; specifically, all one needs is 3-5 of your contacts on Skype; an email you’ve used on Skype at some point; and your first and last name.

He notes that his account wasn’t “hacked” per se; it was simply stolen, using basic information to dupe Skype support into verifying the account’s ownership. And it happened to him multiple times in one day. And the thief (or thieves) used his account to scam people out of hundreds of dollars.

Skype support
(click to enlarge)

A Skype forum admin finally responded, saying in part:

Skype CS is looking into your case. Our unlock policy does in fact require more that just the information you have quoted and we are checking where the failure happened during the required steps of verification.

I understand your frustration and we are constantly revising our process to ensure your account access is blocked to malicious users while at the same time valid password recoveries still make it through.

Whatever the admin says, if Ximer is correct about the lack of security, that means essentially all Skype users are vulnerable. He further complained in his post that Skype lacks the following security measures:
- Security Questions
- 2-factor Authentication
- Good Support that looks into these issues
- Support that can understand plain English and follow through with the request correctly instead of mistaking the my clear request for something different.
- 24/7 support
- A real security policy to actually verify ownership of accounts

Ouch. Microsoft did tell Network World that one measure that can help mitigate the security risk is to log in to Skype via your Microsoft account, which features two-step verification. Somehow that’s not making us feel a whole lot safer.
ajm531 one year ago

*as im reading article another seperate window is opened up in windows 8 and skype is uninstalled* ok not really id have to delete my account to prevent this. i feel bad for who thru this but praise them unsung heroes who deal with and report it to make known to the public

eric273 one year ago

I am the person who had the chat screenshotted in the picture.

I recovered tibit's account for him after he got his hacked. Skype need to rectify this soon.

thunderdan602 one year ago

Crud. Well that sucks. Skype needs to nip this in the bud. And quick.

Kidbest100 one year ago

Skype needs to get its ... Stuff...together, and in all reality, they need to get it together NOW...

This is a massive hole...And they know exactly how to plug it, but they don't really want to it seems.

Skype is awesome, and I love it... Bu I also hate it XD

Post a Comment
or Register to comment