Malware attack strikes, posing as Skype password change notification

Kosh Vorlon

Contributor
Joined
Jul 22, 2012
Posts
117
Location
Laytonsville, Maryland, USA
If Skype users didn't have enough to worry about this week security-wise (with a worm spreading across the system), there's now another threat to warn about.Emails have been spammed out by cybercriminals, posing as messages from Skype, claiming that you have changed your password on the service.
Here's an example of one such email (click on it for a larger version):

If you look carefully, you may spot that the spammers made a clumsy spelling mistake:
Password successfully changed
Your new Skype password has been set.
You can now view your attached call history and inscturtions how to change your account settings.
If the changes described above are accurate, no further action is needed. If anything doesn't look right, follow the link below to make changes: Restore password
Talk soon,
The people at Skype
Perhaps surprisingly, the links really do point to the genuine Skype website at skype.com.
However, a file (Skype_Password_insctructions.zip) is attached to the email, and if you make the mistake of unzipping and executing its contents (Skype_Password_inscructions.pdf.exe) you run the risk of infecting your Windows computer.

http://nakedsecurity.sophos.com/201...mail&utm_campaign=646ecde47a-naked%2Bsecurity
 
Back
Top