Skype users are suffering from two email scam campaigns.
One is a spamming program that focuses on compromised Skype accounts.
The offered links don’t lead to an image, but to a malicious executable (skype_02102012_image.exe) posing as one.
“Running the file will cause it to self delete and the infected PC will begin making DNS requests to a number of URLs, including a .pl, a .com and a .kz – we also saw references to IRC channel names in the network traffic and are investigating further,” said Chris Boyd of security firm GFI.
“It goes without saying that being dropped into a network of compromised machines of any kind won’t do the end-user any favors,” he said.
The Google URL shortening service manages to kill the malicious shortened links in a very short time. But the danger remains, as constantly setting up fresh links is easy to do.
The other campaign involves false emails, supposedly sent by Skype, that target users by saying their Skype password has been “successfully changed,” researchers at Hoax-Slayer said.
Users who haven’t initiated the password change themselves are in danger of believing their account has been hijacked and of following the offered links without thinking.
Those who do will face a spoofed Skype login page that sends the entered login credentials to the scammers behind this phishing attempt.
Users should log in to the legitimate online services they use only via the official login page.
Following your own bookmark to it or entering the right URL in the browser address bar yourself are safe ways to check what’s going on with your account. Following links included in unsolicited emails, and especially those that try to create a sense of urgency, is not the way to go.