Skype "Baidu" attack

Users around the world have been reporting that either they themselves are receiving unwanted Baidu phishing links or are automatically sending out Baidu phishing links to all of their contacts. 

What makes this unusual is that the messages are being received from contacts that are not necessarily in the users Skype contact list, they are coming from people in their phones address book, or people that are in their facebook friends list - this could indicate that this is more than just a cyber criminal using passwords from a hacked websites data dump, but something exploiting the link between these various online services (you can link your Skype account to your Facebook account).

We have seen reports from users that haven't had Skype installed on any of their devices for years, getting messages from their contacts saying that they have been bombarding them with links to phishing sites on Baidu.

So what can you do if you have been affected by the Skype "Baidu" attack? - here is what we recommend:

  • Firstly, check out HaveIBeenPwned and pop in your Skype username and/or email address to see if your details may have been collected by cyber criminals from another hacked website, then change your passwords on any affected sites (or places where you have used the same password - naughty!).
  • Next, check out the Microsoft Account Activity page to see where your Skype account has been accessed from, this will let you know if anyone has logged into your account and where in the world they are from.
  • Now head over to the Microsoft Security Settings page and enable two-step verification.

Ok, so now you have tidied up your account security, lets unlink your Facebook and Skype accounts:

Skype

  1. Access the Skype Home screen. If you have this turned off by default, you can open the View menu and click Skype Home.
  2. Click on the small cog to the far right-hand side and click Disconnect from Facebook.

Facebook

  1. Login to your Facebook account in a browser.
  2. Click the down arrow menu in the top right-hand corner of the Web site near your name and click Account Settings.
  3. In the menu on the left-hand side, click Apps. Then click the X next to Skype and confirm the removal of Skype in the pop-up window and you are all done.

Your Skype contact list will now only show contacts that have been directly added through Skype.

This should prevent any of these phishing messages being sent out from your account, but don't forget to share this post with your colleagues and contacts to help secure their accounts too!

Skype is a business tool used by millions of people around the world, what with the large scale attack on DNS a couple of weeks ago, are we now moving into a age of CyberCrime 2.0? where cyber criminals have graduated from annoying 409 scams and phishing emails to launching complex global attacks on internet infrastructure?

Stay Safe
Ashley Adkins

Mac OS X Filevault Encryption

Top Tip:

If you have Apple's FileVault encryption activated on your computer and it slips into standby, it will automatically save the encryption keys in the RAM so that the system can quickly resume without having to unlock the entire volume again. Although this may seem like a convenient feature, you might want to stop this from happening in order to ensure maximum security for your system.

To disable the systems ability to store the keys, you need to make a small change to a setting in the system management controller (SMC), which can be done by running the following command in the OS X Terminal program:

sudo pmset -a destroyfvkeyonstandby 1

Once you have run this, it will ask you for your password, pop it in and then reboot your machine and the system will no longer store the FileVault encryption keys in memory when it enters standby.

If for some reason you nee to undo this change then simply repeat the command but switch the 1 for a 0 instead.