Beware of Links to Baidu in Skype Messages

I recently logged into Skype and received two messages from people who I haven’t spoken too in years. Both messages contained a URL to Baidu with my Skype username at the end. I immediately became suspicious and after a cursory search of Google, I discovered that I wasn’t the only one receiving these messages.

Baidu Links in Skype Messages
Baidu Links in Skype Messages

According to a support document published by Claudius, Community Manager at Skype, the accounts sending the messages are most likely compromised. The document offers a list of steps that includes, checking your computer for malware, changing passwords, and increasing the security of your Skype account.

Tips to Strengthen the Security of Your Skype Account

Microsoft recently made changes so that Skype, Office, Xbox, and other Microsoft services can be managed with a single account. If you haven’t upgraded your Skype account to a Microsoft account, visit Microsoft’s account page and enter your Skype username and password. You’ll be prompted to upgrade which can only be done once.

Once upgraded, click on the Security and Privacy settings link. This is where you can change your password, add security information, and enable two-step verification.

Two Factor Authentication Enabled
Two-Step Verification Enabled

It’s important to note that in recent years, there have been major data leaks where the login credentials of millions of people have been exposed to the public. If you use the same password on multiple sites, visit Have I Been Pwned and check to see if your password was leaked. If you see the Oh no — pwned! message, you should update your password immediately.

Create a New Primary Alias

In addition to changing passwords and turning on two-step verification, you should limit the aliases that are allowed to login to your account. By default, your Skype username is the primary alias. You should change this to an email address or a phone number and disable your Skype username. Allowing only one alias that’s different from your Skype username limits the amount of entry points into your account.

Keeping Tabs On Your Skype Account

One of the major benefits of upgrading a Skype account to a Microsoft account is the ability to view recent activity. To view the most recent activity, click the Security and Privacy link and click on the see my recent activity link.

How to View Recent Activity
How to View Recent Activity

This will inform you of successful and unsuccessful login attempts. Some users who have unwillingly sent spam messages with links to Baidu confirmed through the recent activity page that their login credentials were compromised. In addition to the recent activity page, users are encouraged to enable and create alerts to be notified of suspicious activity.

If you receive messages out of the blue on Skype with links to Baidu or LinkedIn, do not click them. Delete the message, send the user a link to this page, and inform them that their account may be compromised.


6 responses to “Beware of Links to Baidu in Skype Messages”


Subscribe Via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

%d bloggers like this: