New Skype Phishing Scam Promises Premium Upgrade, Installs Malware
Skype users need to be on alert for a new phishing scam that is making its rounds across the Skype network. Discovered by security researchers at Malwarebytes, the new scam makes an offer to unsuspecting users which they hope the users will not be able to resist: a free premium upgrade — if you visit this site, login with your Skype credentials, and download the premium update.
The scam works as follows, users receive a message on Skype similar to the one below:
hey go to hxxp://www.SkyPremiumSetup.com/ and activate your account, Skype is giving away free premium for life to a few thousand people. Once you have it, you can do group video calls and a ton of other cool stuff. i got to head out now but I’ll ttyl for sure!
Once you click the link you are brought to a page with some pretty atrocious misspellings and are asked to login with your Skype account. What’s interesting is that according to the Malwarebytes security researcher, if you do not provide the correct login information, the scammers don’t allow you to proceed (meaning you can’t download their malware). Apparently the reason why they require you provide the correct login credentials is so they can access your contact list and continue to spread the malware around to your friends and family.
After you login to the fake Skype upgrade page, you are prompted to download and install the Skype Premium Setup program (which will then proceed to infect your computer). Shortly after being infected your friends will likely start receiving messages on Skype to follow the same steps as you, which will obviously lead to them being infected as well.
At the time of publication, it appears the fake site is down, however, a new one could appear online at any time.
If you haven’t already, I would recommend reading our article on how to stay secure online.