If you've received a weird message on Skype with a link to Baidu or LinkedIn recently, you're not alone. In the past couple of weeks, I've received spam links to Baidu from six of my Skype contacts, one of whom works for Microsoft's PR agency and another is a former Microsoft employee. All were surprised to see their accounts breached, and some believed they were protected by Microsoft's two-factor authentication. That wasn't the case, though.

A thread on Microsoft's Skype support forums reveals this has been occurring to hundreds of Skype users since at least August. Breached Skype accounts are used to send thousands of spam messages before they're locked and the owners have to regain access. Skype has fallen victim to similar attacks before, and hackers were able to spoof messages on the system last year after using lists of stolen usernames and passwords to gain access to accounts.

"Some Skype customers have reported their accounts being used to send spam," says a Microsoft spokesperson in a statement to The Verge. "There is no breach of Skype security, instead we believe criminals are using username and password combinations obtained illegally to see if they exist on Skype. We continue to take steps to harden the login process and recommend customers update their Skype account to a Microsoft account to benefit from added protections such as two-factor authentication."...


Read more: Why are Skype accounts getting hacked so easily? - The Verge