Your Skype Account Can Be Easily Hijacked, Says A Guy Who Was Hacked Six Times In One Day (MSFT)
It is painfully easy for hackers to hijack your Skype account and then use it to spam your Skype contacts, says a guy who had his Skype account stolen six times in one day.
Over the weekend, "Dylan," aka @TibitXimer on Twitter, a self-proclaimed security researcher/hacker, contacted Skype when he discovered his account had been hijacked. Skype asked him a few basic questions and then reset the account.
The problem is that those same easy-to-answer questions are what allowed spammers to hijack his account in the first place.
When someone contacts Skype to say they want a new email address and password, Skype asks people to tell them things like naming three to five Skype contacts, giving them an email account used with Skype, or giving a first and/or last name, Dylan explained.
He says it's easy for a hacker to learn those things, call Skype and gain control of the account.
After the sixth time he had his account stolen on Saturday, Dylan posted a message to the Skype help forum and started Tweeting about it:
@skypesupport my skype was given away to over 6 people in one day due to them just knowing my email, name, and 5 contacts on my account
— Tibit (@TibitXimer) April 25, 2013
Other people tweeted about getting their Skype accounts hijacked, too.
@tibitximer @skype My account was hijacked and they changed/add! ed email . Can't reset password bc the token expires. Support's terrible.
— Jana Veliskova (@jveliskova) April 29, 2013
Skype fixed the problem with Dylan's account, it says, but it's unclear if they will change their support policies to make it harder to get a Skype account reset.
We've reached out to Skype PR and Microsoft PR for comment.
SEE ALSO: The 10 Most Important Companies In Cloud Computing
Please follow SAI on Twitter and Facebook.
Join the conversation about this story »