A Skype scam bot attempted to lure our CEO. This is what happened.
Skype scams have been around for ages. With technology constantly evolving, one would think that chat bots get a little more convincing too. As it so happens I recently got a contact request from a nice young lady that had something very special to offer.
I thought, OK, let’s play it through once and take some screenshots of the conversation:
This is how it works
Obviously, Katrina Kauffman is not a real woman (or even a man), but an automated program. At this point it is unclear if the bot hijacked someone’s personal Skype account by hacking their password or if the user account was just created to fool people.
The only purpose of the bot is to convince people to provide their credit card information on a fraudulent website. The shorturl leads to a fake adult entertainment website where you are supposed to sign up to see more.
Example 2
Just a few weeks later I have received another contact request from a lady called “dear.churchill”. It was obviously a scam bot too and looked like it was made by the same people that were behind the first one. The only ‘improvement’ I could notice was that the new version also had a proper profile image set.
How to recognize a scam-chat-bot?
- Ask any question. In the case above, the bot ignored what I was writing or asking and just kept sending me messages, trying to convince me to sign up and pay.
- Watch for behavior patterns. This bot didn’t just run a series of plain messages. It always waited for me to say something first, then posted a message back after exactly 30 seconds. When I paused, the bot paused too. When I typed more, the bot replied more.
What to do now?
If you think you have already fallen for a (suspected) Skype or credit card scam, contact your bank or credit card provider as soon as possible and ask them to cancel your card immediately. Otherwise scammers could use your credit card for purchasing goods on the Internet (or worse) and you’ll end up with a pile of debt – or even be at risk of criminal conviction.
Emsisoft Enterprise Security + EDR
Robust and proven endpoint security solution for organizations of all sizes. Start free trial