{"id":5570,"date":"2015-03-25T06:14:25","date_gmt":"2015-03-25T10:14:25","guid":{"rendered":"http:\/\/kasperskydaily.com\/uk\/?p=5570"},"modified":"2020-02-26T15:11:03","modified_gmt":"2020-02-26T15:11:03","slug":"fraudsters-hacked-skype-and-tricked-victims-friends-to-send-them-5000","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.uk\/blog\/fraudsters-hacked-skype-and-tricked-victims-friends-to-send-them-5000\/5570\/","title":{"rendered":"Fraudsters hacked Skype and tricked victim&#8217;s friends to send them $5000"},"content":{"rendered":"<p><em>Editorial note: <\/em><a href=\"https:\/\/www.facebook.com\/SergeyDolya.ru\" target=\"_blank\" rel=\"noopener nofollow\"><em>Sergey Dolya<\/em><\/a><em>, the author of this post is one of the most popular Russian bloggers. This story has happened recently with one of his friends. As it turned out after Sergey have published his <\/em><a href=\"http:\/\/sergeydolya.livejournal.com\/938717.html\" target=\"_blank\" rel=\"noopener nofollow\"><em>original post<\/em><\/a><em>, the victim was Katya Turtseva, high-ranking employee of <\/em><a href=\"http:\/\/en.wikipedia.org\/wiki\/Acronis\" target=\"_blank\" rel=\"noopener nofollow\"><em>international IT company<\/em><\/a><em>.\u00a0<\/em><\/p>\n<p>Recently a friend of mine has had her Skype account hacked. Scammers decided to use this opportunity to trick people from her contact list out of their money. And in just one hour they received more than 100,000 rubles (about $1,500)!<\/p>\n<p>There was\u00a0a lot of people in her contact list: about 300 of them. Scammers decided to ask her friends\u2019 to borrow relatively small sums of money, 15,000 rubles (about $250) \u2019till tomorrow\u2019. \u00a0 This is the maximum amount <a href=\"http:\/\/en.wikipedia.org\/wiki\/Yandex.Money\" target=\"_blank\" rel=\"noopener nofollow\">Yandex Money<\/a> (a popular Russian payment system) allows to transfer at a time.<\/p>\n<p>The idea\u00a0was simple: \u2018Katya\u2019 wanted to buy some goods online but had no money on her Yandex Money account. This bite-sized approach had credibility and made her friends believe that they were speaking with the victim. They decided to transfer money without a call to their friend; some of them even sent money twice.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/03\/05195457\/skype01.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-5572\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/03\/05195457\/skype01-1024x328.jpg\" alt=\"skype01\" width=\"1024\" height=\"328\"><\/a><\/p>\n<p>This is one of the conversations fraudsters (F) made with of victim\u2019s friends (V):<\/p>\n<ul>\n<li>F: OK. Get straight to the point: I need your help.<\/li>\n<li>V: What\u2019s happened? Spill it! And send me a photo.<\/li>\n<li>F: I wanted to borrow money till tomorrow)<\/li>\n<li>V: How much? I can send you money, if I have enough on my account.<\/li>\n<li>F: 15 thousands)<\/li>\n<li>V: OK, sure. Where to send?<\/li>\n<li>F: Thanks)<\/li>\n<li>V: Tell me how to send?<\/li>\n<li>F: I need to pay with a card but mine is empty. Can you pay?<\/li>\n<li>V: No problem<\/li>\n<li>F: http.yandex\u2026. (the link to payment page)<\/li>\n<li>V: I need a recipient\u2019s bank account<\/li>\n<li>F: hey! where are you?<\/li>\n<li>V: changed nappy<\/li>\n<li>F: oh)) here it is: (number of fraudsters\u2019 account)<\/li>\n<li>V: I\u2019ll take a photo of invoice and lull Vanya asleep. He is crying.<\/li>\n<li>F: OK, I\u2019ll be online<\/li>\n<li>V: OK<\/li>\n<li>F: Oh, Lena, coming to think of it. Do you have another 15,000? If not, it\u2019s OK you\u2019ve already helped a lot! But if you have, I\u2019ll send you back 30,000 tomorrow + commission at my expense<\/li>\n<\/ul>\n<p>After the dust had settled, it turned out there was little they people could do to get their money back.<\/p>\n<p>A few days were spent communicating with Skype support service trying to get to the bottom of the problem, however employees needed more than 24 hours to understand what had happened. When they figured out that Katya\u2019s account had been hacked, they sent a link to a password recovery form,\u00a0without realising that the hackers had changed the email address that was associated with the account.<\/p>\n<p>Onwards, support service asked Katya to fill in the verification form, twice. After three days, the scammers were still sending requests to people on Katya\u2019s friends list. Support service refused to block Katya\u2019s account until they had clarified the situation.<\/p>\n<p>Katya correctly answered all questions from verification form except one: when was your Skype account created. The support service decided that the whole situation is too complicated and recommended her to create another account! By this time, fraudsters had already walked away with around $5,000.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Sergey Dolya @dolyasergey tells how his friend had her #Skype hacked and used for money scamming<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2F6o1q&amp;text=Sergey+Dolya+%40dolyasergey+tells+how+his+friend+had+her+%23Skype+hacked+and+used+for+money+scamming\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Meanwhile, one of Katya\u2019s friends tried to get refund: she blocked her card and asked that her bank cancel the payment. Her request was accepted. The bank confirmed that she had never worked with this shop before and asked her to file a complaint at the local police department. Her bank requested a copy of this complaint to initiate the investigation of this case.<\/p>\n<p>The police sent her back to the bank: apart from the ordinary documents that were normally needed,\u00a0they needed a document from her bank\u00a0stating\u00a0that an \u2018investigation\u2019 had been launched.\u00a0She found herself bouncing between the police and the bank, with no real end in sight. \u00a0Eventually, the police told her the best thing to do was to call the Moscow police, to see if they could assist.<\/p>\n<p>After that Katya\u2019s friend called her bank again. Her card was blocked as well as the money transfer, and it would remain tied-up until the merchant applies for it. Then the bank would transfer the money.\u00a0So it seems that the money is stuck in no-man\u2019s-land\u2026<\/p>\n<p>When other users tried writing to fraudsters, they didn\u2019t get much luck in appealing to their altruistic side: the fraudsters did not believe that police would do anything substantial on this case and they obviously understood that the Russian legal system combined with Skype security policy made most attempts at resolution moot:<\/p>\n<p>\u2014 ***, guys, give us an interview, at least in chat<\/p>\n<p>\u2014 ***, f*** off, don\u2019t f*** my brain)<\/p>\n<p>\u2014 Common, we do wonder. Katya says you\u2019ve already gathered 100,000 rubles<\/p>\n<p>\u2014 Say her go to police. And let the God bless her there\u2026 and I\u2019m blessed with my anonymity :C<\/p>\n<p>\u2014 It\u2019s unlikely that I can break your anonymity by chat<\/p>\n<p>\u2014 You\u2019re just disturbing me<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/03\/05195455\/skype03.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-5573\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2015\/03\/05195455\/skype03-1024x653.jpg\" alt=\"skype03\" width=\"1024\" height=\"653\"><\/a><\/p>\n<p>It seems that the only one thing that you can do in this case is to secure your accounts. Here are a few tips for you to follow:<\/p>\n<p>\u2014 The best and the most obvious tip is to use a <a href=\"https:\/\/www.kaspersky.com\/blog\/false-perception-of-it-security-passwords\/\" target=\"_blank\" rel=\"noopener nofollow\">reliable password<\/a>! Everybody knows it but there is still <a href=\"https:\/\/www.kaspersky.com\/blog\/25-worst-passwords-2014\/\" target=\"_blank\" rel=\"noopener nofollow\">a lot of thoughtless people<\/a>.<\/p>\n<p>\u2014 Don\u2019t use the same password for different accounts. If you do, there\u2019s a chance you can\u00a0<a href=\"https:\/\/www.kaspersky.com\/blog\/primary-webmail-protection\/\" target=\"_blank\" rel=\"noopener nofollow\">lose all your accounts<\/a>.<\/p>\n<p>\u2014 Use <a href=\"https:\/\/www.kaspersky.com\/blog\/what_is_two_factor_authentication\/\" target=\"_blank\" rel=\"noopener nofollow\">two-factor authentication<\/a> to protect your accounts. In this case you\u2019ll receive a short code via SMS or e-mail and use it as a second password.<\/p>\n<p>\u2014 Don\u2019t click suspicious links: there are a lot of <a href=\"https:\/\/www.kaspersky.com\/blog\/how-to-avoid-phishing\/\" target=\"_blank\" rel=\"noopener nofollow\">pages in the web that steal your data<\/a>. It\u2019s called phishing.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Editorial note: Sergey Dolya, the author of this post is one of the most popular Russian bloggers. This story has happened recently with one of his friends. As it turned<\/p>\n","protected":false},"author":590,"featured_media":5571,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,9],"tags":[2412,189,80,78,82,344,187,363,43,701,97,345,131],"class_list":{"0":"post-5570","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-tips","9":"tag-advice","10":"tag-data-security","11":"tag-fraud","12":"tag-hackers","13":"tag-hacking","14":"tag-online-protection","15":"tag-passwords","16":"tag-personal-data","17":"tag-privacy","18":"tag-scam","19":"tag-security-2","20":"tag-skype","21":"tag-tips"},"hreflang":[{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/fraudsters-hacked-skype-and-tricked-victims-friends-to-send-them-5000\/5570\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.uk\/blog\/tag\/advice-2\/","name":"advice"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/5570","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/users\/590"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=5570"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/5570\/revisions"}],"predecessor-version":[{"id":19203,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/5570\/revisions\/19203"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media\/5571"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=5570"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=5570"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=5570"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}