Skype falls victim to scareware
According to security journalist Brian Krebs on Krebs on Security, cyber criminals are making Skype voice over Internet protocol (VOIP) calls urging unsuspecting users to download and install a system update for Microsoft Windows.
“Users who visit the recommended Web site are bombarded with scareware prompts that try to frighten them into purchasing worthless security software,” says Krebs.
He explains that scareware scams are nothing new, saying the scams have spread for some time now over the instant message client built into Skype. However, this is the first time cyber criminals are resorting to Skype calls to sell fake anti-viruses.
Networkworld states that Privacy International (PI) recently asked Skype to improve the security of its VOIP service to protect users' privacy.
PI believes Skype users are vulnerable to interception, impersonation and surveillance. Specific complaints included that it's easy to impersonate users, and poor audio encoding could allow eavesdropping.
In addition, the lack of HTTPS for Skype download means the service could be spoofed so users download compromised versions of Skype like what happened previously in China.
Share