Skype is one of the most widely used (and wildly popular) Voice over IP (VoIP) software applications used on the Internet, so phishers occasionally attempt to profit from its popularity. And today is no different.
The Trend Micro Content Security Team discovered an active Skype phishing page, and as can be seen in the screen capture below (Figure 1), potential victims are asked to enter their Skype login credentials, such as user name and password.
Figure 1. Screenshot of bogus Skype phishing page
After entering the required information, users are then directed to a spoofed security check page (see Figure 2) that asks the user to enter their “other personal data” including credit card number, credit card expiration date, name of the card holder, CVC (card verification code), and billing address.
Clicking on the Update button leads potential victims to the legitimate Skype page.
Figure 2. Screenshot of bogus security check page
Although Skype had been in security news in the past for criminal attempts to capitalize on its popularity, this is the first time we have encountered an active phishing page that basically “clones” the entire Skype Web site.
However, cautious visitors, especially those with free accounts, may soon realize that there would be no legitimate need to give out their credit card information just to be able to use Skype.
Skype subscribers with paid accounts, however, may be more at risk, since they may agree to provide their account information in relation to account maintenance.
The spoofed site is already blocked by Trend Micro Smart Protection Network.