{"id":4733,"date":"2015-03-24T15:00:36","date_gmt":"2015-03-24T19:00:36","guid":{"rendered":"http:\/\/www.kaspersky.co.in\/blog\/?p=4733"},"modified":"2020-02-26T20:28:38","modified_gmt":"2020-02-26T14:58:38","slug":"skype-fraud-story","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.in\/blog\/skype-fraud-story\/4733\/","title":{"rendered":"Fraudsters hacked Skype and tricked victim’s friends to send them about $5000"},"content":{"rendered":"

Editorial note: Sergey Dolya<\/a>, the author of this post is one of the most popular Russian bloggers. This story recently involved\u00a0one of his friends. The victim was Katya Turtseva<\/a>, a high-ranking employee of an\u00a0international IT company<\/a>. We mention this to make it clear that in this specific case, the victim knew a thing or two about security.<\/em><\/p>\n

Recently a friend of mine had her Skype account hacked. Scammers decided to use this opportunity to trick people from her contact list out of their money, and in just one hour they received more than 100,000 rubles (about $1,500)!<\/p>\n

To the thieves benefit, there were a lot of people in her contact list: about 300 of them. The scammers decided to ask her friends to borrow relatively small sums of money, 15,000 rubles (about $250) \u2019till tomorrow\u2019. In fact, this is the maximum amount Yandex Money<\/a> (a popular Russian payment system) allows to transfer at a time.<\/p>\n

The plan was simple: \u2018Katya\u2019 wanted to buy some goods online but had no money on her Yandex Money account. This approach had credibility and made people believe that they were speaking with the victim. They decided to transfer money without a call to their friend; some of them even sent money twice.<\/p>\n

This is one of the conversations fraudsters (F) had\u00a0with one of the victim\u2019s friends (V):<\/p>\n

F: OK. I\u2019ll get straight to the point: I need your help.
\nV: What\u2019s happened? Spill it! And send me a photo.
\nF: I wanted to borrow money till tomorrow
\nV: How much? I can send you money, if I have enough in my account.
\nF: 15 thousands (rubles)
\nV: OK, sure. Where do I send it?
\nF: Thanks
\nV: How should I send it?
\nF: I need to pay with a card but my account is empty. Can you pay?
\nV: No problem
\nF: http.yandex\u2026. (the link to payment page)
\nV: I need a recipient\u2019s bank account
\nF: hey! where are you?
\nV: was changing nappy
\nF: oh. here it is: (number of fraudsters\u2019 account)
\nV: I\u2019ll take a photo of the invoice and lull Vanya asleep. He is crying.
\nF: OK, I\u2019ll be online
\nV: OK
\nF: Oh, Lena, coming to think of it. Do you have another 15,000? If not, it\u2019s OK you\u2019ve already helped a lot! But if you have, I\u2019ll send you back 30,000 tomorrow + commission at my expense<\/p>\n

\"Fraudsters<\/a><\/p>\n

When everything came to light, it was\u00a0very difficult\u00a0to do almost anything to fix this problem.<\/p>\n

A few days were spent communicating with the Skype support service: employees needed more than 24 hours to understand what had happened. When they figured out that Katya\u2019s account had been hacked, they sent her a link to a password recovery form, totally ignoring the part of the letter in which Katya explained that scammers had changed the associated e-mail as well.<\/p>\n

Next, the support service asked Katya to fill in the verification form, twice. It was the three\u00a0days since the start of this scamming affair and fraudsters were still persistently sending their requests through the contact list. Support service refused to block Katya\u2019s account until they were able to clarify the situation through-and-through.<\/p>\n

In the end, Katya correctly answered all questions from verification form except one: when was your Skype account created. The support service decided that the whole situation was too complicated and recommended that she\u00a0create another account! By that time, the fraudsters had already stolen about $5,000.<\/p>\n

Sergey Dolya @dolyasergey tells how his friend had her #Skype hacked and used for money scamming<\/p>Tweet<\/a><\/blockquote>\n

Meanwhile, one of Katya\u2019s friends tried to get a refund. She blocked her card and asked her bank to cancel the payment. Her request was formally accepted. The bank confirmed that she had never worked with this shop before and asked her to file a complaint at the local police department. Her bank requested a copy of this complaint to initiate the investigation of the\u00a0case.<\/p>\n

The police sent her back to the bank: in addition to\u00a0a whole bunch of different documents, they needed a document from her bank saying that the investigation had been launched. There was a lot of back and forth at that point. They were dealing with a local police department that had no\u00a0experience in a situation like this. At the local police department, Katya\u2019s friend was told that she should send her request to a main police office in Moscow.<\/p>\n

<\/post><\/p>\n

After that, Katya\u2019s friend called her bank once again. Her card was blocked as well as the money transfer, but it would be tied-up until the merchant applied for it. When the investigation actually starts, they will ask for a money refund from the merchant\u2019s bank. The possibility of a successful solution to this problem seems to an unlikely dream.<\/p>\n

When other users tried writing to the fraudsters,\u00a0directly. The fraudsters did not believe that police would do anything substantial on this case. Obviously they clearly understood the imperfection of Russian legal system combined with the Skype security policy:<\/p>\n

\u2014 ***, guys, give us an interview, at least in chat
\n\u2014 ***, f*** off, don\u2019t f*** my brain)
\n\u2014 Come on, we do wonder. Katya says you\u2019ve already gathered 100,000 rubles
\n\u2014 They say she has gone to the police. And let God bless her there\u2026 I\u2019m blessed with my anonymity
\n\u2014 It\u2019s unlikely that I can break your anonymity by chat
\n\u2014 You\u2019re just disturbing me<\/p>\n

\"Fraudsters<\/a><\/p>\n

It seems that the only one thing that you can do in this case is to secure your accounts. Here are a few tips:<\/p>\n