Ask Slashdot: How To Track a Skype Account Hijacker? 152
An anonymous reader writes "My Skype account was hijacked, which I discovered after Skype suspended it for suspicious activity, including a number of paid calls and an attempt to debit my card. Now that I've secured the account again, I can see the call history — there are several numbers called in Senegal, Mali, Benin and Philippines. Obviously I could call them myself and create a bit of havoc in their lives, but ideally I'd like to trace the hijacker himself — perhaps with some kind of 'social engineering' approach. Or is it just a waste of time?" How would you do this, and would you bother?
No point (Score:2, Interesting)
Sadly there's no point in bothering. It could be that the numbers they called are 'premium' numbers and its possible that your account is gonna get charged a whole ton of money from those 'services' that were set up specifically for this kind of thing.
Post numbers (Score:5, Interesting)
1] Post the numbers dialed to 4chan
2] Wait for the onslaught of harassing calls
3] ???
4] Profit
Re:What about the IP (Score:5, Interesting)
Won't Skype tell you the IP that was used by the thief?
No, they won't. In general companies tell you to contact the police, etc and go out of their way to be useless.
Some months ago I had someone purchase a plane ticket using my credit card. My bank sent me a SMS when the charge was made (usual alert system, they SMS each time there's a charge). I had the phone with me so I could do something instantly. This is what happened:
- The charge was made for a plane ticket on Airchile according to the SMS.
- I called the bank *inmediately* (as the SMS said) to notify them of the charge. Well, guess what, it was a Sunday at 23:00 or so and they were closed. So the bank couldn't help.
- I drove to the airport to talk to Airchile, which happened to be opened at the time because they was a flight leaving from Madrid to Santiago in a couple hours (I was hoping that the bastard was there). They couldn't help.
- I went to the police station in the airport and they couldn't help because I needed a bank statement before they could do anything. Really? I have to wait until the end of the month before I can file a report with the police?
You see - even if you are really willing to track things down and not demand your money back, the other parties involved rarely assist.
Eventually I got my statement, filed the report (useless at the time of course) and got my money. But I great chance to catch the guy was lost.
Customer defined fraud (Score:3, Interesting)
I had a similar experience - my account was emptied of its five GBP of credit.
I emailed Skype - "there have been fradudent calls, I've changed my password".
Their reply? (slightly paraphrased)
"You must have been responsible for the breach, as our security is perfect. We do not refund fraudulent calls due to customer error. We've locked your account, so you'll need to send us proof of ID (passport copy, etc) for it to be unlocked."
The key problem with this reply is that a *customer* asserting an event is a fraudulent call does not make it a fraudulent call.
What if they have bugs in their billing software?
Skype only cared about not issuing compensation. Needless to say, I've never told anyone my skype password and my laptop at the time of the calls was in for repair, where I had removed the SSD drive before sending the unit off. Also needless to say, I've never unlocked that account or spent another cent with Skype. Thankfully, GoogleTalk came out just at the right time. Thank God for choice.
Agree with everybody who said "give it up." (Score:4, Interesting)
Re:No point (Score:5, Interesting)
Sadly there's no point in bothering.
In this instance, I might disagree. Given that those calls were (according to TFS) made to Senegal, Mali, Benin and Philippines, that in itself might be construed as suspicious. You could pass the information on to the FBI and tell them you are concerned your account could have been used for terrorist activity. Let them come down on the perps.