Skype is the latest brand to fall victim to brand jacking. In a newly detected spam campaign, the popular VOIP service is being used in spam messages designed to look like email notifications from friends with the question “Is this your profile?” and a link. Unsuspecting recipients who click on the link are sent to a site that installs malware on their computers, but not just your run of the mill Trojan. Instead, users are infected with the rudely named Dorkbot worm.
Dorkbot is what is known as ransomware. Once installed the worm encrypts every bit of data on the user’s machine, locks them out, and demands a payment of $200 in exchange for releasing the now unusable computer.
A Skype spokesperson told UK tech site V3 they were aware of the threat and urged users to use common sense and protect themselves.
“Skype takes the user experience very seriously, particularly when it comes to security. We are aware of this malicious activity and are working quickly to mitigate its impact,” it said. “We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer. Additionally, following links – even when from your contacts – that look strange or are unexpected is not advisable.”
Ransomware is not new, but it is getting increasingly popular and increasingly sophisticated as spammers look for easier and quicker ways to rake in cash. It’s safe to say that most people, upon finding their computer and data locked up and unusable, might panic and be willing to pay whatever it takes to fix things, and that’s what the spammer or group behind this latest campaign is hoping for.