Over on the Skype community pages there are lots of disgruntled Skype users. For a number of weeks now, many users have been plagued with spoof messages from people on their contact list, telling them to visit a Russian website. Others complain that their contacts say their own account has sent out a similar message. Despite the problem having been reported nearly a month ago, Microsoft has still to address the issue.
For now, all the company has to say is "change your password", insisting that a team is working on the issue. The spoofed message includes a shortened URL, so those clicking it have no idea where it leads until it is too late. Rather than offering a full solution, all Microsoft has to suggest is to change Skype passwords -- it seems the company is too busy focusing on Windows 10 at the moment.
Right now, it's not entirely clear what the problem is. Microsoft remains fairly tight-lipped about things but some Skype users have noticed that their account history shows a number of failed login attempts. Perhaps more worryingly are reports that some users say that their account has been sending out spoof messages to their contacts when they are not even logged into their account.
A pinned response from Microsoft reads:
Our engineers are still looking into this.
Meanwhile we'd recommend everyone to change their account passwords for all your Skype related accounts, i.e. also update your Microsoft account password if you linked that to your Skype account. Here's how: https://support.skype.com/en/faq/FA95/how-do-i-change-my-password.
So far, this is the only real advice that Microsoft has given, and it has left a lot of Skype users feeling frustrated. People who use Skype for business are especially concerned not only because of the security implications, but also because it reflects badly on them if their accounts are used to send out these messages to customers and clients.
For now, all the company has to say is "change your password", insisting that a team is working on the issue. The spoofed message includes a shortened URL, so those clicking it have no idea where it leads until it is too late. Rather than offering a full solution, all Microsoft has to suggest is to change Skype passwords -- it seems the company is too busy focusing on Windows 10 at the moment.
Right now, it's not entirely clear what the problem is. Microsoft remains fairly tight-lipped about things but some Skype users have noticed that their account history shows a number of failed login attempts. Perhaps more worryingly are reports that some users say that their account has been sending out spoof messages to their contacts when they are not even logged into their account.
A pinned response from Microsoft reads:
Our engineers are still looking into this.
Meanwhile we'd recommend everyone to change their account passwords for all your Skype related accounts, i.e. also update your Microsoft account password if you linked that to your Skype account. Here's how: https://support.skype.com/en/faq/FA95/how-do-i-change-my-password.
So far, this is the only real advice that Microsoft has given, and it has left a lot of Skype users feeling frustrated. People who use Skype for business are especially concerned not only because of the security implications, but also because it reflects badly on them if their accounts are used to send out these messages to customers and clients.
