Skype Security Issues Include Easy Account Hack
Skype Security Issues Include An Easy Account Hack
Skype, the world’s largest video chat and calling platform, has recently admitted to both privacy and security issues on the site. Skype security issues include an easy way to hack into user accounts, and the Skype privacy issues stemming from the same issue, where hacked users could have every bit of content, from messages to credit card numbers, exposed to hackers.
The Skype security threat has been being talked about for reputedly three months on a Russian website, only coming to light in English a few days ago when a man posted the issue on Reddit.
Skype Security Issue Explained
Skype allows users to re-set and hack accounts with nothing more than the user email. The hacking trick works by setting up a new account with the users email, logging into it, and then requesting a password reset. The reset will issue you a password reset token in Skype, not via email, meaning that anyone can do it very easily. From there, the hacker can access account information, including personal payment information and personal addresses that might have been saved for Skype payment purchases. While the issue is now temporarily fixed, the Skype vulnerability is actually quite serious considering how easy the accounts were to hack.
Skype’s Response to the Security Threat
A Skype vulnerability, especially one so severe, deserves immediate attention. While Skype did nothing in response to the Russian post nearly three months ago, they responded within 12 hours to the news that personal accounts could be hacked. Late on the 14th of November, just hours after the initial English release of the Skype security issue, Skype announced that they had resolved the issue by temporarily freezing the password re-set function. Needless to say, genuine users who forget or lose their passwords will be left out by this temporary freeze. New security measures are expected to be in place by the end of the week, and will probably include that the new token be sent to the email account rather than to the Skype account.
Skype Security Threats & Vulnerabilities
Despite the seriousness of this particular Skype security issue, it’s not the first time they’ve been plagued with threats. Earlier this year, a virus surfaced (that is still a problem), targeting windows users of Skype software. The virus, known as Dorkbot, spreads itself among Skype users by sending Skype messages to contact lists, immediately downloading onto the user computer and pulling it into a bot net. While this type of security threat on Skype has much more potential for harm than the Skype hack that surfaced on the 14th, both are serious issues.
Skype on Computers
Skype has recently begun to expand its reach by branching out to work as a communications app for Microsoft, Kindle, and Android devices. In response to, or perhaps because of, Apple’s FaceTime, more and more mobile producers are being forced to provide a face to face video calling platform for free with the app. Because Skype is already set up, is known for licensing its software, and very reliable, it is an obvious choice for anyone looking for an easy solution. Skype has also been integrated with the new Microsoft Office 2013, which hasn’t yet come out.
Security Tips for Skype Accounts
Skype security issues are usually quite easy to avoid if you pay attention. Dorkbot links and viruses all appear a little ‘off’, and usually contain a message like ‘Is that your new profile picture’, which is easy to spot as a fake if you haven’t changed your picture. They will also usually contain a link, so if one of your contacts messages you out of the blue with a link, you can simply ask them what it is about. If they have no idea, then it is most certainly a virus.
If you want to protect your Skype account from being hacked, try displaying your main email on your Skype account, but using a secondary (different) email to set up the account. Most of the time you can save yourself a great deal of trouble by using a secondary email to set up all of your accounts, while still displaying your primary email address as your public email. This prevents hackers from getting into your account because they can’t see the email you used.