Beware of Phishing Scam Using Skype

There is a new email phishing scam impersonating Skype. The subject of the email reads “You received a new message from Skype voicemail service.”

The scam email spoofs the address “Skype Communications” with the attachment Skype_Voice_Message-7776C24212.zip. In reality the attachment contains an executable, Skype_Voice_M_497564___random_numbers___872345.wav.exe, that installs a Trojan. The body of the email reads:

This is an automated email, please don’t reply.
Voice Message Notification
You received a new message from Skype voicemail service.
Message Details:
Time of Call: Tue, 26 Nov 2013 10:20:24 -0400
Length of Call: 38sec
Listen to the message
in the attached file.
Lost Password • Account Settings • Help • Terms of Use • Privacy
If You Are Still Having Problems
If you’re still having difficulty retrieving your Skype Name please contact a support agent via
https://support.skype.com/support_request
Protect Your Password
Skype staff will NEVER ask you for your password via email. The only places you are asked for your password are when you sign in to Skype or on our website if you want to buy something or check your account. You will always sign in via a secure connection, and we ask you to ensure that the address in your browser begins exactly like this https://secure.skype.com It should also show a little padlock symbol to indicate the secure connection.
Be alert to emails that request account information or urgent action. Be cautious of websites with irregular addresses or those that offer unofficial Skype downloads. Security updates and product upgrades are made available at http://www.skype.com or using the client’s upgrade function.
© 2003-2013 Skype and/or Microsoft. The Skype name, associated trademarks and logos and the “S”
logo are trademarks of Skype or related entities.
Skype Communications S.a.r.l. 23-29 Rives de Clausen, L-2165 Luxembourg.

The Trojan distributed by the exe is known by several names which include Trojan.Agent.BAWV, UDS:DangerousObject.Multi.Generic, Trojan.Zbot, Trojan.Agent.BAWV or Mal/Generic-S.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s