Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    9:41 pm (UTC-7)   |    by

    Skype is one of the most widely used (and wildly popular) Voice over IP (VoIP) software applications used on the Internet, so phishers occasionally attempt to profit from its popularity. And today is no different.

    The Trend Micro Content Security Team discovered an active Skype phishing page, and as can be seen in the screen capture below (Figure 1), potential victims are asked to enter their Skype login credentials, such as user name and password.

    Figure 1. Screenshot of bogus Skype phishing page

    After entering the required information, users are then directed to a spoofed security check page (see Figure 2) that asks the user to enter their “other personal data” including credit card number, credit card expiration date, name of the card holder, CVC (card verification code), and billing address.

    Clicking on the Update button leads potential victims to the legitimate Skype page.

    Figure 2. Screenshot of bogus security check page

    Although Skype had been in security news in the past for criminal attempts to capitalize on its popularity, this is the first time we have encountered an active phishing page that basically “clones” the entire Skype Web site.

    However, cautious visitors, especially those with free accounts, may soon realize that there would be no legitimate need to give out their credit card information just to be able to use Skype.

    Skype subscribers with paid accounts, however, may be more at risk, since they may agree to provide their account information in relation to account maintenance.

    The spoofed site is already blocked by Trend Micro Smart Protection Network.

    Related Posts:

  • Blue Sky[pe] predicted today. Good weather for Phishing.
  • New Skype Copycat Steals User Credentials

  • Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice