InnerPass is warning Skype users of a new phishing scam spreading through direct Skype Chat messages on the Skype network, which redirects you to a fake log-in page to steal your Skype username and Skype password. The team at InnerPass found this out the hard way! If you receive a strange direct Skype text message from one of your own contacts in your Skype contact list, and it takes you to a Skype log-in page, DO NOT LOG IN!
You may want to check with that person first but you should ask yourself ‘why am I being asked to enter my Skype name and Skype Password?’ The site will look identical to the real site but the URL may divulge that it’s a dodgy link. Don’t be fooled because if you do enter your Skype name and Skype password then they will have your Skype login credentials. Once they do they can login as you. As you, they will send out the same bad link to all of your contacts and it will look like it came from you. It happened to me personally because I didn’t know how to recognize this scam.
The Skype phishing link started out looking official with Skype.com in the link but it included additional text after the link that I didn’t recognize. Furthermore, the login page looked identical to that of Skype.
It’s important to note here that Skype isn’t alone. There’s been an increase in this type of scamming and it’s affecting some of the popular social media networks including Twitter and Facebook.
If you need to know what to do if you were caught by the scam you can contact us at email@example.com and we can send you some information. Below is a list of other sources that will help you understand more about phishing.
Source – Wikipedia: “ In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Read more at
Source – Webopedia: “The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. Read more at http://www.webopedia.com/TERM/P/phishing.html
Source – PCWorld: Twitter is warning users of a new phishing scam spreading through direct messages on the network, which redirects users to a fake log-in page to steal their passwords
Source – Skype: Fake Malware Alert. If you receive something like this through a Skype chat message, do not be alarmed. Instead, ignore it and block the sender. This is chat spam aimed at scaring users into purchasing an alleged antivirus product. http://share.skype.com/sites/security/2007/11/fake_malware_alert.html
Source – Microsoft: Phishing e-mail messages are designed to steal your identity. They ask for personal data, or direct you to Web sites or phone numbers to call where they ask you to provide personal data. Phishing e-mail messages take a number of forms… read more http://www.microsoft.com/protect/fraud/phishing/symptoms.aspx
Source – Fruad.org: Watch out for “phishy” emails. The most common form of phishing is emails pretending to be from a legitimate retailer, bank, organization, or government agency. The sender asks to “confirm” your personal information for some made-up reason… read more http://www.fraud.org/tips/internet/phishing.htm