Skype hacking, Skype account Hack, Skype Account Hacked… Personal Emergency.
I run my business and am very dependant on a single VOIP company known as Skype. Alas, many of my friends, clients and employees around the world are also very reliant on Skype. When it becomes unavailable, day turns to night and a strange and an uncomfortable silence is bestowed upon us, it’s rather unpleasant and expensive in terms of lost business and general inconvenience.
Yes, there is email and the good old POTS (I hear you say), but using the Plain-Old-Telephone-Service is horrifically expensive and the quality of the calls is so bad in the places that I need to call that we don’t bother even trying to use a regular telephone. Skype actually does have the best call quality in the countries that I call regularly. Sad, scary and true. I do think that Skype is an incredible (almost) free service that we take for granted. When they went down late December 2010; I didn’t complain. I reminded the Lynch Mob that it would be a travesty to moan about Skype being down for a few days, especially since they were rock solid and FREE for so many years. I come from South Africa originally, and as a kid, making a telephone call was something you thought about. It wasn’t taken for granted. Telephone calls were expensive and a luxury. International calls were virtually never made due to the prohibitive cost. The fact that I can communicate with my family back home and the rest of the world these days so cheaply and easily still feels slightly magical. I am grateful. More than most.
However, today is a little different, I am less humble. My account has been hacked and I can’t get hold of anyone to resolve the problem. I spend an amount of money with Skype each year and my Skype account is set to auto-recharge when the balance runs low. This means that hackers can make a gargantuan amount of free calls as the account will keep topping itself up automatically if they manage to gain access and start using to your Skype account. Hence my sense of urgency around this issue. Fortunately, I use PayPal to fund my Skype account and could stop it reloading itself once I figured what was going on. If you’ve set Skype to use your bank account as the source of funding, it could cost you an arm and a leg.
I’m pissed off at Skype’s “un-contactable-ness” in these situations. They don’t have a public email address or telephone number, their “support” (official or casual member community) is unobtainable if you don’t have access to your account, I didn’t have access to my Skype account as it was hacked. It also feels somewhat “dodgy”, with “Joe Blogs” offering to help other people with their “security issues” on a public forum. Very strange. I couldn’t login, change the password, gain access or do a bloody thing with my Skype account because the hacker had changed my account access and the password reset function didn’t work, probably because he was still logged in to my account… #Fail.
I’ve been very proactive in a bid to get my account “fixed” today, but to no avail thus far… I’m trying to keep in mind that they do offer an amazing service and they can’t provide comprehensive support as they probably don’t make much money per user. However, security breaches should be treated differently as it involves peoples money and data. I resent their lack of interest and urgency.
To cut a long story short (er), I started with their “https://support.skype.com/en-gb/support_request?” link. It makes it clear that you should let them know immediately if your account has been compromised. I quote:
“If you suspect that someone else has your Skype name and password, you should tell us about it immediately, so we can investigate further and reset the account back to you. You should also change your password as soon as possible and check your computer’s security.”
Now, following their link here: “you should tell us about it immediately” and then clicking the little boxes brings you back to the same page in one big loop. It’s very counter intuitive. However, if you’re reading this post in desperation, do scroll down and fill in the form, it is what you need to do. The next screen was a “Thank-You message” so I know that my “contact” was received.
My D.I.Y Skype fixing activities thus far today: (without response)
a) I have sent two contact form requests (security breach things), stating that I believe my account has been hacked.
b) I’ve Tweeted @Skype and @PeteratSkype (Skype’s blogger and Twitterer in chief) as well as @adrianasher (Chief Information Security Officer)
c) I’ve also Tweeted a message with the Skype hashtag (Skype#) hoping to get some attention.
d) Emailed support@Skype but there is an auto-response which redirects you to their support.skype domain.
e) I’ve tried to reset my password multiple times, but it didn’t work. I like the Token trick, it’s nifty. Wish it worked.
f) I tried (in vain) to call a number that I found on a random website that happened to list Skype’s (apparent) number in the Netherlands.
g) I’m now writing this blog post about Skype and it’s insecurities, lest not forget it’s underwhelming service.
I don’t care about the money I’ve lost, it’s not that much. All I want it my beloved Skype back, although, I am starting to believe that this marriage may need some serious consideration as the love is quickly slipping from my grasp and I’m contemplating an affair with another VOIP provider. I’ve simply grown too dependant Skype and it’s prudent to consider that this may keep happening or we may get a “big outage” at some stage which would cripple me and my little business.
Skype does have security issues, rather large ones too; I’ll highlight them for Mr. Adrian Asher (Chief Information Security Officer), even though he does have significant experience in Banking and Gambling security.
If you read this Adrian Asher from Skype, perhaps mull over a few points I’ve made here:
1. Your security algo’s may need a tweak or two, if they even exist. How a password change, combined with highly unnatural usage of the account and then with telephone calls to random countries which have NEVER been called before COMBINED WITH constant automatic reloading and exhausting of the account hasn’t thrown a red flag is beyond me.
2. Skype as a company doesn’t seem to take it’s security very seriously, maybe that should have been point number one… (Appearances are everything and this is like Roadkill)
Here are the calls that this “dude” routed through is Mud Hut or whatever for a few Dollars:
Apr 10 22:48 +20162614263, Egypt Call £0.089 00:01 £0.148
Apr 10 22:48 +233542745782, Ghana Call £0.190 00:00 £0.000
Apr 10 22:42 +233243503337, Ghana – Mobile Call £0.190 02:55 £0.629
Apr 10 22:42 +20162614263, Egypt Call £0.089 02:38 £0.326
Apr 10 22:41 +20162614263, Egypt Call £0.089 00:00 £0.000
Apr 10 22:41 +233542745782, Ghana Call £0.190 00:00 £0.000
Apr 10 22:39 +233243503337, Ghana – Mobile Call £0.190 02:25 £0.629
Apr 10 22:38 +20162614263, Egypt Call £0.089 02:41 £0.326
Apr 10 22:38 +20162614263, Egypt Call £0.089 00:00 £0.000
Apr 10 22:38 +233542745782, Ghana Call £0.190 00:00 £0.000
Apr 10 22:37 +20162614263, Egypt Call £0.089 00:00 £0.000
Apr 10 22:37 +233542745782, Ghana Call £0.190 00:00 £0.000
Apr 10 22:29 +233546018537, Ghana Call £0.190 06:53 £1.389
Apr 10 22:29 +20162614263, Egypt Call £0.089 06:48 £0.682
Apr 10 21:59 +221776144474, Senegal Call £0.222 24:20 £5.609
Apr 10 21:57 +221776245258, Senegal Call £0.222 00:19 £0.281
Apr 10 21:53 +221773508663, Senegal Call £0.222 00:22 £0.281
Apr 10 21:53 +221773508663, Senegal Call £0.222 00:00 £0.000
Apr 10 21:49 +221773508663, Senegal Call £0.222 02:50 £0.725
Apr 10 21:17 +221779902543, Senegal Call £0.222 30:30 £6.941
Apr 10 21:15 +213557936486, Algeria Call £0.250 00:00 £0.000
Apr 10 21:14 +213557936486, Algeria Call £0.250 00:00 £0.000
Apr 10 21:13 +213557936486, Algeria Call £0.250 00:00 £0.000
Apr 10 21:12 +213557936486, Algeria Call £0.250 00:00 £0.000
Apr 10 21:12 +213557936486, Algeria Call £0.250 00:00 £0.000
Apr 10 21:11 +213557936486, Algeria Call £0.250 00:00 £0.000
Apr 10 21:09 +221779902543, Senegal Call £0.222 05:11 £1.391
Apr 10 20:09 +18328933755, USA Call £0.014 00:36 £0.043
Apr 10 19:57 +22505840727, Cote d’Ivoire – Mobile Call £0.148 06:50 £1.095
Apr 10 19:37 +22676536562, Burkina Faso Call £0.200 17:54 £3.659
Apr 10 19:36 +22247904750, Mauritania Call £0.185 00:00 £0.000
Apr 10 19:35 +22547277921, Cote d’Ivoire Call £0.148 00:00 £0.000
Apr 10 19:27 +22507591806, Cote d’Ivoire – Mobile Call £0.148 04:19 £0.799
Apr 10 19:26 +22520375787, Cote d’Ivoire Call £0.130 00:06 £0.189
Apr 10 19:25 +22520375787, Cote d’Ivoire Call £0.130 00:26 £0.189
Apr 10 19:24 +22547277921, Cote d’Ivoire Call £0.148 00:00 £0.000
Apr 10 19:20 +22507862403, Cote d’Ivoire – Mobile Call £0.148 03:17 £0.651
Skype’s security issues appear to be systemic, I’ve taken a snapshot of a Twitter search, this is just the last day or so, albeit two Tweets of the Tweets are mine.
My home PC auto-logged into Skype. (WTF) That’s how I’ve managed to see my calls for this blog post, even with my old password?! Although only two of my contacts appear to be online…
It’s time to attempt to get some help and talk to someone on Skype’s official live chat support as my machine seems to have half-logged-in and thus, this urgency brings the end of this blog post. (I’m sure you’re relieved.)
Carpe Diem. Skype Account Diem. Au Revoir.
ps: I’m in a rush, hungry and frustrated and am therefore not going to proof read this post. It’s probably littered with typo’s and grammatical errors. However, I hope this has an effect on getting my account fixed, sends a message to Skype about their “issues” and provides some comfort to you in knowing you’re not alone when it comes to this particular Skype problem.