Have you been receiving spam messages with Baidu or LinkedIn links on Skype of lately? If you answer is in the affirmative, then you’re not the only one affected. Over the past couple weeks, several Skype users have reported sightings of these links on their profiles and others who have been troubled with this spam from their friends.
But the users didn’t even receive such a link, nor did they click one received by them. Then how is it possible to spam a person’s contact list on the said messaging platform?
Well, according to The Verge, hackers have somehow managed to break through the security of Skype’s chat platform and breach the user’s account to send thousand of spam messages. Users who had their accounts secured with two-factor authentication have also felt the heat of the hack and their accounts have been exploited to spread these social spam links.
A spokesperson from Microsoft has denied the allegations of a breach in Skype’s security protocol. Instead, the representative states that the hackers may have been able to gain access to these accounts by unfair means i.e by reusing username and password combos floating around the interwebs.
Some Skype customers have reported their accounts being used to send spam. There is no breach of Skype security, instead we believe criminals are using username and password combinations obtained illegally to see if they exist on Skype.
We continue to take steps to harden the login process and recommend customers update their Skype account to a Microsoft account to benefit from added protections such as two-factor authentication.
This could be a plausible explanation for the breach and spam messages. And one would possibly think that their account is protected from intruders if they’ve upgraded their login credentials and connected a Microsoft account to the same — which should eliminate the former in favor of the more secure latter option. But users who’ve connected both accounts are also facing the wrath of the spam message attack.
This proves to us that hackers can use the said login credentials leaked in previous breaches, including those Yahoo or others. It even enables them to use your old login credentials to bypass any two-factor authentication used on Skype and the linked Microsoft account.
To prevent yourself from such spam attacks, you should change your login credentials right away. But hackers can still breach your account using password elimination, so the most plausible way to secure your account would be to merge your Skype and Microsoft account in the messaging app.