Skype falls victim to Baidu link spam, here’s how to secure your account

3 min. read

Updated onOctober 4, 2023

updated onOctober 4, 2023

Share this article

Improve this guide

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

A gang of hackers has madeSkypetheir latest target for generating spam links. During the past couple of weeks, Skype users have reported encountering links in their Skype chat that redirect them to either Baidu or LinkedIn.

After a deeper analysis, a thread on Microsoft’s Skype support forum suggested the spam links date back to August. Hundreds of Skype users have fallen prey to the scam after receiving spam messages from infringed accounts. But how exactly were the accounts compromised?

Users also stated they did not encounter any suspicious links or files prior to receiving the redirectURLs. It shows that the hackers have somehow managed to find a gateway through Skype’s security. Even the users who have their two-step verification procedure activated have felt the heat of the hack attack.

Upon inquiry, a Microsoft spokesperson denied all the allegations regarding thesocial spam. This is not the first time Skype has fallen victim to such attacks. Hackers previously acquired stolen usernames and passwords to gain access to registered Skype accounts. It is possible they obtained credentials by other means to carry out this latest attack.

Some Skype customers have reported their accounts being used to send spam. There is no breach of Skype security, instead we believe criminals are using username and password combinations obtained illegally to see if they exist on Skype. We continue to take steps to harden the login process and recommend customersupdate their Skype account to a Microsoft accountto benefit from added protections such as two-factor authentication.

Another interesting fact regarding the scam is that even those users who have linked their Microsoft and Skype accounts together are still in danger. However, the said approach is known to eliminate the Skype login in favor of yourMicrosoft accountinformation. That is a plausible explanation behind the breach of two-factor authentication. As Microsoft keeps your originalSkype IDand password active, users have the possibility to access the service using their old credentials.

How to stay safe from Skype spams

There is, however, a way to minimize the vulnerability to such attacks which involves merging your Skype ID with a Microsoft account (even if they’re already linked). This could potentially limit the threat of hackers gaining illicit access to your accounts.

Steps to merge a Skype with a Microsoft account

Once you are done, aSkypealias will be created to let yousign in with a Skype username. You can either use it or even disable it under the alias preferences. That would restrain third-party users from signing in with your Skype username.

Whatever the case, you will then be unable touse your old Skype passwordanymore. On the bright side, intruders would be denied access to your account until they know your email address.

Though the process may seem painstaking, it is necessary for maximum account security.

Skype falls victim to Baidu link spam, here’s how to secure your account#

How to stay safe from Skype spams#

Steps to merge a Skype with a Microsoft account#

Skype falls victim to Baidu link spam, here’s how to secure your account

How to stay safe from Skype spams

Steps to merge a Skype with a Microsoft account