Skype Flooder by Revi, a do it yourself tool for spammers, underwent an update to version 2.0.
The tool tricks as many Microsoft Skype users as possible into interacting with their malicious scam and spam campaigns.
Anyone can buy Skype Flooder at it just costs $10. In addition, if anyone buys it now, he will automatically receive 5,000 already-harvested Skype user names. At least that is how its creators are marketing it on underground forum.
The spamming can cull Skype user names by country or by gender. It can also check whether the user is online or not. The latest version also supports parsing of log files.
“Since the tool is only capable of spreading a particular message to those who give authorization to the spammer’s account, as well as the fact that it doesn’t support multiple spam accounts and proxies, it doesn’t represent a scalable threat,” a Webroot spokesperson said. “Instead, it primarily relies on social engineering. Although the tool is capable of segmenting the targeted population for better conversion rate, the user still has to authorize the spammer in order to receive messages from him.”
To protect yourself from this spamming tool, the user needs to ensure only his contact list can send IMs or initiate calls. By default, Skype allows anyone to call.
Here’s how to change these settings: Tools => Options… => Privacy => “Allow calls from… people in my Contact list only” and “Automatically receive video and share screens with… people in my Contact list only” and “Allow IMs from… people in my Contact list only.”