Skype phishing attack targets remote workers

New phishing campaign spoofs Skype to trick victims

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Remote workers have been warned to take extra care when usingvideo conferencing softwareafter a new phishing scam was uncovered.

Researchers from security firm Cofense have revealed hackers are using emails pretending to be fromSkype, the popularMicrosoft-owned video calling tool, in order to trick home workers into handing over their login details.

Criminals could then use these logins to access corporate networks to spread malware or steal valuable information.

Skype security

Skype security

The report, released by theCofense Phishing Defense Center(PDC) saw attackers creating an email that looks eerily similar to a legitimate pending notification coming from Skype. If an unsuspecting recipient goes to “review” the notification, they are redirected via an app.link to a phishing page designed to harvest your password.

The use of .app top-level domains (TLD) adds an extra layer of deception to the attack, as this TLD is backed byGoogleto help app developers securely share their apps.

An .app domain also requires the use of HTTPS to connect, adding security on both the user’s and developer’s end - in this case, making the victim consider they are clicking on a legitimate link.

Cofense says that such fake emails can be detected through checking the “sent from” field, as although the sender address may appear legitimate at first glance, the real sender can be found there, exposing them as a fraud.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

TechRadar Prohas contacted Skype for comment.

Video calling apps such as Skype have seen a huge rise in users over the past few weeks as employees around the world transition to working from home.

However this growth has also revealed a number of security worries, withZoomin particular having several issues highlighted. Even though the platform has seen its users base surge to 200 million, it has been heavily criticised for failing to stop Zoombombing incidents and for sending data to Facebook and China.

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK’s leading national newspapers and fellow Future title ITProPortal, and when he’s not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time