Vishing attack on Skype pushing scareware

Summary:Multiple users are reporting on an ongoing vishing attack at Skype, attempting to social engineer users into thinking they're infected with malware.

Multiple users are reporting on an ongoing vishing attack at Skype, attempting to social engineer users into thinking they're infected with malware.

Here's how it works - victims typically receive a pre-recorded Skype call telling them they are infected with malware and need to visit a specific site:

Hey guys,I am working from home on my BlueCoat laptop. It has the cloud client on it. I have skype on this machine. I get a skype call from a place I didn’t recognize. I answer the call and it is a recorded message. It says I have a fatal virus that needs to be fixed. That I am on Windows7. (I am not.) The recorded message tells me to go to www.helphs.com. ... Can you find anything in our logs about what just happened? Thoughts?

The specific site in question is an online shop pushing rogue AV products and malware cleanup services.

The web sites - helphs.com mentioned in the vishing attack is currently offline.

Have you been a victim of vishing attacks? How did you respond?

Talkback.

Topics: Malware, Collaboration, Security, Social Enterprise

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.