back to article Microsoft to spoofed Skype users: Change your account passwords NOW

An unknown number of frustrated Skype customers have been pestered by spoof messages on the Microsoft service for weeks, but the company is yet to close what appears to be a gaping hole in its software. Instead, Redmond has advised Skype users to change their account passwords. But complaints are building up about the lack of …

  1. Anonymous Coward
    Anonymous Coward

    It shows that Microsoft has started working on Skype

    they are implementing new security failures.

    1. Andy Non

      Re: It shows that Microsoft has started working on Skype

      I won't hold my breath waiting for them to update the Linux version of Skype; they haven't touched it for several years!

      1. Anonymous Coward
        Anonymous Coward

        Re: It shows that Microsoft has started working on Skype

        They did an update June last year:

        https://www.phoronix.com/scan.php?page=news_item&px=MTcyMzU

        How strange a Linux user defending Microsoft, what ever next Microsoft writing software for Linux ?

        1. Greg J Preece

          Re: It shows that Microsoft has started working on Skype

          They did an update June last year:

          I was gonna say, if they haven't updated it, why are the Xbox, WLM, etc login options on the splash screen.

          Though why you're wanting more updates is beyond me, really. It functions nicely with a minimalist interface very much like an old IRC client. Everything's in one place, there's no GUI guff, no adverts, none of the crap that has besieged Windows users. True, if we could get an update that added in group video and made the inline images work, that would be nice, but I'm OK with having the Linux client as it is if it means I don't have to have the Windows client.

      2. Nate Amsden

        Re: It shows that Microsoft has started working on Skype

        I hope you are right, the linux version works pretty well for me (use it every day for work (for the past 5 years), 98% text chat, 2% voice chat), and no ads.

        1. getHandle

          Re: It shows that Microsoft has started working on Skype

          It's been a while but I found it flaky as hell from Ubuntu's launcher but perfectly solid from the command line. Go figure!

          1. oldcoder

            Re: It shows that Microsoft has started working on Skype

            That sounds like an environment difference...

            The entry in the menu will not have what gets loaded for an interactive terminal.

        2. P. Lee Silver badge
          Linux

          Re: It shows that Microsoft has started working on Skype

          Yep, the Linux version of Skype is rather good. Let's hope they leave it that way.

          The only tricky bit is pulseaudio. Its a little ephemeral - you have to configure it while skype is running audio or you don't see the skype parameters. At least, that was my experience at one point.

    2. Fatman Silver badge
      Joke

      Re: It shows that Microsoft has started working on Skype

      For about 25ms, I thought it read security features; but reality checked in.

  2. Destroy All Monsters Silver badge
    Facepalm

    Those tweets...

    They make me lock and load my trusty blunderbuss.

    1. veti Silver badge

      Re: Those tweets...

      Yep, apparently scanning Twitter is considered the gold standard in confirming a news story nowadays.

      You must allow, it's quicker than waiting for a spokesdrone at Skype to return our call. And such are the incentives of web journalism that when speed and accuracy conflict, it's poor ol' accuracy to get it in the neck every. single. time.

  3. the_voice_of_reason

    This sort of thing has been happening for years with Hotmail

    I've had a lot of emails from compromised accounts in the past. The flaw is in not having further protection measures in place for un-recognised devices/locations. People are always going to be stupid enough to use the same password/email combo for everything and sooner or later one slips through the cracks. It's not hard to delete a sent message to cover your tracks. I think this sort of thing happening in emails is pretty well documented.

    1. Greg J Preece

      Re: This sort of thing has been happening for years with Hotmail

      Yeah, but....e-mail is terrible. As a protocol, as a tech, it's just awful. It was never meant to do the things it does. Skype is completely unrelated (and a lot newer). It shouldn't have the same issues (or at least not to the same extent, and in my experience it doesn't).

  4. Anonymous Coward
    Anonymous Coward

    Let me see if I understand this, User changes password and that instantly fixes compromised contacts accounts who are sending their fellow skype users spam. Can anyone explain this anomaly?

    Answers on the back of a postcard please, Wood Lane, London W12 8QT.

    1. Anonymous Coward
      Anonymous Coward

      Change your password means

      A lot of accounts have got into the wild, change your password to keep your skype account.

      I had my hotmail account "hacked" and it was far from a dictionary word and included special characters, either some subcontractor supplimented his pay or my account was passed to another "agency" and fell ito the "wrong hands". To recover it they want to telephone you, hmm makes you wonder if there was ever a leak in the first place.

      MS was never known for security by any definition so either they are the apathetic incompetents they appear or they are linking accounts for later use/sale to agencies unknown.

      It wont be long before MS is giving away a free PC with every install of windows but in the interim you will have to pay to be rooted

  5. glussier

    Why don't youi all configure you ms account to send a confirmation code via text message if your account is accessed via an unknown device?

    1. Anonymous Coward
      Anonymous Coward

      I've managed to successfully evade Google and Yahoo

      and you suggest me to give my phone number to Microsoft ?

      1. Mark 85 Silver badge

        Re: I've managed to successfully evade Google and Yahoo

        Google might already have it... and so might others. A friend called me the other night and asked about Facebook wanting his mobile number... the box already had his number in it which he claims he never gave them. I still trying to convince him change it to a bogus number or close/delete as much as possible in his account and then the account. Seems you really can never delete your account.

        All the intertubes are connected.. everyone has everything on all of us. Time to beef up the tinfoil hat, I think.

        1. Pascal Monett Silver badge
          Trollface

          Re: Time to beef up the tinfoil hat

          Nah, no use. We're boned. The entire species is boned.

          Half the planet doesn't get how this Internet thing works yet, the other half doesn't even have computers in the first place. Until such time as our global society has attained a level such as every human being is confronted to the computing experience equally, we are going to be continually plagued by successive waves of clueless users falling into the same traps that were old last millennium.

          Hotmail, Facebook, social media milking your personal data for ad money, it's going to go on forever until every single human understands exactly what it is he's giving up and decides not to play along. Of course, at that point humans will vote responsibly, not accepting corrupt liars and demagogues like today. There will be work for everyone because everyone will understand that one must be useful to society and pay one's taxes if we want this civilization to work out for everyone. It'll be strawberries and cream for everyone, and the likes of Zuckerberg will be in rehab centers to socialize them properly. We will be prancing through the stars, bringing responsible management everywhere we go.

          In other words : it's never gonna happen.

        2. Dan 55 Silver badge

          Re: I've managed to successfully evade Google and Yahoo

          If he's ever used Facebook on a mobile it's got enough permissions to get his contacts, his own contact card, and probably the SIM number just to be sure.

      2. glussier

        Re: I've managed to successfully evade Google and Yahoo

        Why not? Some give theirs to Facebook and Google, which I think are a lot more problem than Microsoft.

    2. Phil W

      This has just happened to me despite having complex passwords and two-factor authentication turned on using the Android Microsoft Account app, rather than SMS.

      The messages were all sent while I wasn't signed in to Outlook or Skype from anywhere (middle of the night, I was asleep) and there are no logins shown on my account activity. Wield.

  6. Anonymous Coward
    Anonymous Coward

    No simple way to delete your old Skype account.

    "Next, contact Skype Customer Service (http://www.skype.com/go/contactcs) and tell us you’d like to close your account."

    Seems like M$ would like to make you jump through hoops, because they want to keep your information. Even deleting a Facebook account is easier.

  7. Steve Evans

    Skype security is a joke...

    My account is set to only accept incoming chat requests by those on the contact list... It still gets several a month from <female_name><random_number>

  8. Peter 39

    Yawn

    Having had my account info swiped a couple of years ago while I was on a short visit to Europe, I have never been amazed at the level of pwnage going on at Skype.

    If MS thinks that this is a good way to deal with mobile and social media then it will confirm all that they've done with killing the PC business.

    Any company that handles web pages in the kernel deserves all this problem, and more.

  9. Micha Roon

    maybe a link to the 14 characters password length

    I'm not saying that 14 characters passwords are inherently insecure. But a company which still limits password length probably has some underlying problem in the management of these secret data.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019