Festive season brings a lot of Spam with it, and looks like Apple users are not alone. A lot of Skype users seems to have reported about spam messages with links to Baidu or LinkedIn. And its pretty serious.
Reported by The Verge, the hackers have managed to get hold of Skype accounts and use them to send spam. It is surprising, that hackers where about to bypass the two-factor authentication linked with your Microsoft Account.
“Some Skype customers have reported their accounts being used to send spam,” says a Microsoft spokesperson in a statement to The Verge. “There is no breach of Skype security, instead we believe criminals are using username and password combinations obtained illegally to see if they exist on Skype.
We continue to take steps to harden the login process and recommend customers update their Skype account to a Microsoft account to benefit from added protections such as two-factor authentication.”
Only after this report I realised that it was not accidental to receive a Baidu link from one of my contact. I ignored it, but the reason is now clear.
So how does one bypass the two factor authentication? Its difficult right? So looks like what has happened is that users are still able to login using the old Skype username and password even if it is linked with Microsoft account. This simply means that the old way to login to Skype still works, and nobody knows why two ways to get into an account is still working.