Last Sunday my Skype got hacked. Â All my contacts got messaged some CPAÂ offer. Â What bugged me the most is that it was a strong password, not used anywhere else, and not the same as my Microsoft account.
The link they send out was crafty… disguised by a google search (Â https://www.google.com/url?sa=t&url=%68%74%74%70%3A%2F%2F%61%62%61%74%61%70%6B%61%2E%72%75&usg=AFQjCNFXqWJuZRIF6e3GNtBwcg9YQEessA&firer#62174)
I have 1600 contacts… so.. Â good times.
It sucks obviously when this happens but whats worst (for me) is the aftermath.
Here is the best way to clean it up.
Immediately change your password.
Log into the Skype web account and check to see if there are any other emails that have access added to the account that are not yous:
Something of note – there is no place that says “Delete this email”. Â Just edit it and blank it out then click save and it will be gone.
Change your status on Skype to Don’t click the link I got hacked, Â post on all your social media accounts you are aware you got hacked on skype if people got a weird message. Â Hopefully this will limit the amount of people that will contact you to let you know.
Now this happens to a lot of people all the time obviously. Â I have always dismissed it as “Ya dummies don’t use strong passwords”.
I HATE unsolved mysteries … Â But its not like I can get ip logs from Skype or anything and not that it would help.
It’s just so weird how it could happen. Â I use VPN’s on everything and two factor on anything that allows it.
Another thing you can do is type /showplaces in any window and it will show you the devices you have logged in from. Â This didn’t help me as they were all my devices but maybe it will help you:
Now to limit this you can also merge your skype account with your Microsoft account here:Â https://account.microsoft.com/
Then you can enable 2 factor authentication. Â Its a pain in the ass but it will be much more secure.
Welp.. Â Time to sort through the Facebook, Â Text, Twitter, Linked in, and emails letting me know I got hacked….
Well played whoever figured this out.
Got hit with the same thing even though I wasn’t logged in to skype on any devices. I suspect password reuse at it only happened on an old account that still had on old password that I use to use a lot. My current skype account wasn’t touched.
Thanks for the info on what to do if hacked. Surely someone has figured out how they do it and can explain in more detail how to prevent it from happening vs what to do after the fact?
Thanks for the info – just got me and a ton of other people. My password isn’t something that can be brute forced. Super super weird. Hadn’t touched Skype for a few years until two weeks ago and all of a sudden bam. Vulnerability.
Skype hacking has been rolling through our industry for the past year or 2. I know one of the exploits had something to do with people knowing what your email address is, and using that to reset your password. I’m not exactly sure how, but for example if someone knew your main email address was ceo@business.com, they could hack you if that was your skype email address. If you used some unknown email address for skype, ceo123@gmail.com that wasn’t published anywhere (and would be impossible for the hacker to guess) then they can’t get access to the account. It’s almost like they’re able to register a microsoft account with email addresses they don’t have access to, as long as they know the email address it lets them reset the password, or add additional email addresses to the account. Skype has been notified of this issue many times and as far as I am aware, they’ve done nothing to prevent the problem from recurring.
Thanks for sharing it with us. After some time Skype community needs to improve it otherwise they’ll loss big % of market share in Video Calling Platform They can provide two way verification in which OTP will be be sent only on registered number not on email id…