New malware poses as Skype password notification

Skype users still reeling from a recent "lol trick" that allowed hackers to take over their computers were warned against a new threat targeting them.

 

In a blog post, security vendor Sophos said the new threat involves emails posing as Skype password change notifications.

 

"(A) file (Skype_Password_insctructions.zip) is attached to the email, and if you make the mistake of unzipping and executing its contents (Skype_Password_inscructions.pdf.exe) you run the risk of infecting your Windows computer," it said.

 

"The danger is, of course, that users worried by the recent worm will be frightened that their Skype password has been changed without their consent, and open the attachment - and thus infect their PC," it added.

 

It pointed out, however, that users can tell the email is suspicious because of a "clumsy spelling mistake."

 

Sophos said the email contains malware detected by Sophos products as Troj/Backdr-HN. It said this "opens a backdoor onto your computer, giving remote hackers access to your system."

 

It reminded Skype users to remain on the lookout for unsolicited suspicious emails and always be wary of opening attachments which arrive out of the blue.

 

Also, it noted that in this case, the file attached to the email is using the well-known "double extension trick" to dupe the unwary into believing that they might be clicking on a PDF rather than executable code. — TJD, GMA News