Ask Slashdot: How To Track a Skype Account Hijacker?

An anonymous reader writes "My Skype account was hijacked, which I discovered after Skype suspended it for suspicious activity, including a number of paid calls and an attempt to debit my card. Now that I've secured the account again, I can see the call history — there are several numbers called in Senegal, Mali, Benin and Philippines. Obviously I could call them myself and create a bit of havoc in their lives, but ideally I'd like to trace the hijacker himself — perhaps with some kind of 'social engineering' approach. Or is it just a waste of time?" How would you do this, and would you bother?

No point

[Anonymous Coward]

Sadly there's no point in bothering. It could be that the numbers they called are 'premium' numbers and its possible that your account is gonna get charged a whole ton of money from those 'services' that were set up specifically for this kind of thing.

Re:No point

[BrokenHalo]

Sadly there's no point in bothering.

In this instance, I might disagree. Given that those calls were (according to TFS) made to Senegal, Mali, Benin and Philippines, that in itself might be construed as suspicious. You could pass the information on to the FBI and tell them you are concerned your account could have been used for terrorist activity. Let them come down on the perps.

Re:

[gl4ss]

Sadly there's no point in bothering.

In this instance, I might disagree. Given that those calls were (according to TFS) made to Senegal, Mali, Benin and Philippines, that in itself might be construed as suspicious. You could pass the information on to the FBI and tell them you are concerned your account could have been used for terrorist activity. Let them come down on the perps.

well, sure, call those numbers them. give them more money.

Re:

[flyneye]

Now there's a good sense answer that requires little to do on the part of the violated. You can still make it out to be a huge thing , down at the bar, with you in the middle of an international incident.
Someone mod this guy up and get him a beer.

Re:

[Anonymous Coward]

Sadly there's no point in bothering.

In this instance, I might disagree. Given that those calls were (according to TFS) made to Senegal, Mali, Benin and Philippines, that in itself might be construed as suspicious. You could pass the information on to the FBI and tell them you are concerned your account could have been used for terrorist activity. Let them come down on the perps.

Lol, not likely. This is a common scam lately, not just by getting into Skype accounts but also by breaking into PBX systems, SIP phones, etc. They place calls to those numbers which are toll services, this generates a charge to the person's account. The scammer is somehow related to the people who get paid when those numbers get called, either directly involved or at least another branch of a criminal enterprise.
They've been up to this for years, so while I'm sure the FBI would be happy to add the OP's spe

Re:

[Anonymous Coward]

Do you seriously live in such a paranoid delusion that you believe that crap?

Ask Reddit...

[JJJJust]

Reddit seems to be fantastic at finding people on the internet given the flimsiest leads to their identity... sure they may get it wrong now and then, but hey... them's the breaks.

Re:

[corbettw]

I'll save the poster some time: if you ask Reddit, they'll tell you it was Sunil Tripathi. Case closed.

get their ip

[ZeroNullVoid]

Set the password back to what they knew, wait for them to login and hijack it (another account friended) and use one of the sites that use the debug version of skype to obtain their ip.  Then contact the ISP and say that either this illegally hijacking accounts or their IP/systems have been compromised.  Don't forget to disassociate any cards prior.

Their ISP won't care

[bradley13]

Look at the places they called. Likely the hijacker is somewhere in a developing country. Unlikely to be the same country where the poster lives. The ISP will not care, as long as their bills are paid.

Re:

[Anonymous Coward]

Look at the places they called. Likely the hijacker is somewhere in a developing country. Unlikely to be the same country where the poster lives. The ISP will not care, as long as their bills are paid.

Call and harass the people they contact. You know, passively at first, pretending to be other guy, then lay in.

Re:Their ISP won't care

[Joce640k]

First become fluent at harassing people in African-French and Filipino.

Re:

[Opportunist]

For a simple DoS you needn't even speak their language.

Re:

[Technician]

Be aware that many in West African countries don't have home phones or home internet. They may be someone renting a chair at an Internet Cafe.

http://nigeriamasterweb.com/Etc4/InternetSurfersCyberCafeNairobiKenya.jpg [nigeriamasterweb.com]

Post numbers

[Anonymous Coward]

1] Post the numbers dialed to 4chan
2] Wait for the onslaught of harassing calls
3] ???
4] Profit

Re:

[Anonymous Coward]

Neither is my cat. It still catches the mice though.

Re:

[Alex Belits]

Actually your cat IS your personal army.

Re:Post numbers

[Gadget_Guy]

Actually your cat IS your personal army.

It may seem like the cat belongs to you, but if it really was your personal army then it would actually have to obey your orders.

In reality, you are more like a squire to your cat; you attend to the cat's personal needs when it isn't off doing heroic battle against a mouse or bug.

Re:Post numbers

[symbolset]

Cats don't belong to people. People belong to cats.

Re:

[fuzzywig]

aka, cats don't have owners, they have staff

Re:

[Alex Belits]

I am not saying that he has a good personal army.

Cats Are Assholes

[Flere Imsaho]

Want some food? I'm your best friend.
Play time? I'm your best friend.
Any other time? FU, GTFO

I love 'em :-)

Re:

[the_B0fh]

What makes you think this isn't part of it...?

What about the IP

[Lorens]

Won't Skype tell you the IP that was used by the thief?

Re:What about the IP

[ccguy]

Won't Skype tell you the IP that was used by the thief?

No, they won't. In general companies tell you to contact the police, etc and go out of their way to be useless.

Some months ago I had someone purchase a plane ticket using my credit card. My bank sent me a SMS when the charge was made (usual alert system, they SMS each time there's a charge). I had the phone with me so I could do something instantly. This is what happened:

- The charge was made for a plane ticket on Airchile according to the SMS.
- I called the bank *inmediately* (as the SMS said) to notify them of the charge. Well, guess what, it was a Sunday at 23:00 or so and they were closed. So the bank couldn't help.
- I drove to the airport to talk to Airchile, which happened to be opened at the time because they was a flight leaving from Madrid to Santiago in a couple hours (I was hoping that the bastard was there). They couldn't help.
- I went to the police station in the airport and they couldn't help because I needed a bank statement before they could do anything. Really? I have to wait until the end of the month before I can file a report with the police?

You see - even if you are really willing to track things down and not demand your money back, the other parties involved rarely assist.

Eventually I got my statement, filed the report (useless at the time of course) and got my money. But I great chance to catch the guy was lost.

Re:

[AK Marc]

I find that idiotic.

"I'd like to know my IP, the one I used on Tuesday to call Somalia."
"No, we aren't allowed to tell you your own IP address for privacy reasons."

How exactly does that work? You are who you were last week, as far as they are concerned, right?

Re:

[Jstlook]

The funny part is that's by design. Our American society cares more about protecting the right to make mistakes and the belief in second chances than it does in any right to privacy or integrity.
Congrats, and welcome to the queue. If you'd like to dispute this society, please press star, and an operator will be with you .. eventually.

Re:

[Alex Belits]

The funny part is that's by design. Our American society cares more about protecting the right to make mistakes and the belief in second chances than it does in any right to privacy or integrity.

Actually this is the implementation of "What if it's someone rich?" clause.

Re:

[Opportunist]

It does? Gee, the prison and justice system in general would have suggested otherwise.

Re:

[Joce640k]

Our American society cares more about protecting the right to make mistakes and the belief in second chances than it does in any right to privacy or integrity.

So that's why there's more Americans in prison than any other society in history. Got it.

What airline was that again?

[voss]

airchile doesnt exist.

Re:What about the IP

[markus_baertschi]

Your Bank/Credit card company has no 24h service number for such this ?

Time to change credit card company.

Re:

[PhoenixFlare]

What sort of dodgy bank are you with that doesn't have a 24-hour line for reporting card loss/theft?

A couple years ago, my wife's check card number was stolen and run for about $300 at a Wal-Mart in Dallas - at about 10 PM local time on a Sunday, I was able to call and report the theft on a 24-hour number, get the number blocked, and even managed to get the store manager at the Wal-Mart to pull video from the checkout line of the thief. The next morning I faxed in the appropriate form, and the money was bac

Re:

[spxZA]

Skype or Microsoft won't, but they introduced a weakness recently to discover a user's IP address: http://www.anonware.net/index.php?page=resolvers [anonware.net]

I wouldn't start that journey from here

[realitycheckplease]

Is it possible that the hijacker was selling calls to other people, possibly immigrants, maybe even illegals. If so, the numbers called may have no direct connection to the hijacker, rather each olne of them may know a different someone who knows the hijacker. So you could be looking for the common factor between the people who made the calls to the numbers that you have. I'm not sure that it will be easy to find that common factor. After all, you have Jim and Bill and Fred's numbers; Sue called Jim, Anne called Bill, Jenny called Fred; Sue, Anne and Jenny all know Henry .... so if you have Jim and Bill and Fred's numbers, and don't even know whether Henry exists or not, how do you find Henry?

Re:

[Anonymous Coward]

The answer is clear: The hijacker is Kevin Bacon.

Re:I wouldn't start that journey from here

[tftp]

Sue called Jim, Anne called Bill, Jenny called Fred; Sue, Anne and Jenny all know Henry .... so if you have Jim and Bill and Fred's numbers, and don't even know whether Henry exists or not, how do you find Henry?

It's pretty much impossible; not mathematically but practically. First, Jim, Bill and Fred live in different foreign countries. They have no obligation to tell you anything, even if you are a police officer in your own country. But if for some reason they choose to endanger their relatives, they may not know where Sue, Anne and Jenny live. But if you manage to find them, those three are not required to tell you anything (if they are in the USA, at least.) But if you manage to make them talk and they point at Henry, Henry can always say that he used his own Skype account, but the OP "hacked" it to "frame him" because he is "raysis." (Well, that story is being tried by the Boston bomber's mother.) The OP may find himself on the receiving end of a counter-suit, if not of a criminal complaint (doesn't matter if it has merit or not - justice is not based on such trivial things.)

The OP should pick better passwords, write the loss off, and take this experience as a valuable lesson.

Re:

[Ceriel Nosforit]

They have no obligation to tell you anything, even if you are a police officer in your own country.

You must be new here. =)

Hello, I'm looking for my long lost brother. I'm 80 years old and we were together in Auschwitz. Have you heard about Auschwitz? No? Could you do me a favour and look it up? I'll call you back. By the way we only barely survived and have been separated ever since...

OP is probably right asking for help with this stuff. Social Engineering is fun, profitable and perfectly legal, but it certainly isn't easy for the uninitiated.

Re:

[s.petry]

Most ISPs, even in poor foreign sites, are trained for social engineering. Hell, they may reverse your tactic and have you crying about their 7 starving children by the time you hang up the phone.

Re:

[tftp]

Hello, I'm looking for my long lost brother. I'm 80 years old and we were together in Auschwitz

Language of what tribe will you use? Are you good with it? What would *you* do if someone calls you, purportedly from China, and in broken English starts asking you who in China you talked to on Skype a week ago and what is her address, using an excuse that is an obvious lie. Most people would respond in just two simple English words (that are pretty well understood worldwide) and block the contact forever.

Yo

Re:

[Ecuador]

It's not even that. I bet the numbers called were all premium-rate telephone numbers and that is how the hijacker makes his money. By calling them you will give them more of your money.

voip fraud

[Anonymous Coward]

The account was possibly being used for voip fraud. Voip fraud is typically the practice of hijacking a VOIP account (sip/skype) and then calling some foreign country exchange that has a stupid high per minute rate (that the called party gets a cut of). The called party is usually in on the scam but good luck getting any realistic amount of cooperation due to local corruption at the called party end (almost always third world countries).

You're a fucking idiot

[bucky0]

Do you think someone broke into your Skype account to call 5 random countries? They're all toll numbers in Africa. The damage is done and you lost

Re:You're a fucking idiot

[macraig]

The last time I checked the Philippines was an island chain, not a territory in Africa. Don't you just sound credible?

Let it go.

[six025]

Just let it go. It's not worth the time or the hassle.

Use better logic

[O('_')O_Bush]

You need to use the same kind logic as when buying a used car.

1. Do not assume you can outsmart them or that they have made glaring mistakes
2. Realize they do this professionally, that is, spend years eating and breathing this type of activity
3. Realize if there was some way to retaliate or gain an advantage, they wouldn't be doing this for a living.
4. Re-evaluate your position.

Re:Use better logic

[dkf]

3. Realize if there was some way to retaliate or gain an advantage, they wouldn't be doing this for a living.

I'm waiting for SIFPTP (Simple Internet Face-Punch Transfer Protocol) to be implemented.

Re:Use better logic

[AHuxley]

Yes, in Australia a "Bell" public phone would be taken over and a line of people would form to make at the time very expensive international calls.
This might be the same digital effort - an account with 'cash' is passed/sold around until it fails.

Re:

[Zaelath]

What? This is put out there like it's common knowledge in Australia but "Informative" to others.

What do you even mean by "Bell" public phone? It's obviously not Ma Bell, is that why the air quotes?

Re:

[AHuxley]

Most parts of the world had few options for 'international" telcos in the 1980-90's and international calls where not cheap.
Putting "Bell" allows US centric readers a reference to a time in their past, the use of pay phones and international calling cost structures at that time.
vs the long Australian telco history http://en.wikipedia.org/wiki/Australian_Telecommunications_Commission [wikipedia.org] that would not be so clear to a non Australian reader on average.

Re:

[Zaelath]

Fair enough, "pay phone" would be the US-ism though.

Still, I read a good bit about phreaking as a kid, don't recall any widespread international call efforts in Australia. I blame Wargames for making that popular.

Re:

[ron-l-j]

Good thinking.

Only revenge

[vikingpower]

If you are the type of person who get satisfaction out of revenge - well,hell yes, then go for it. In that case, even trying may get you some. Otherwise - forget it. You are not going to get any gain or benefit out of such an action. And forget about the author(s) being punished or even getting into mild trouble with the police or justicial apparatus of any country whatsoever.

You need professional help

[tlambert]

If you have a problem, if no one else can help, and if you can find them, maybe you can hire the A-Team.

Re:

[account_deleted]

Comment removed based on user account deletion

Call the numbers in Africa and say...

[CaptainOfSpray]

"I am a lawyer representing a senior banking official in Nigeria, who recently died leaving $10 million untraceable... and I am able to pay you to help me find the rightful heir..."

Customer defined fraud

[Anonymous Coward]

I had a similar experience - my account was emptied of its five GBP of credit.

I emailed Skype - "there have been fradudent calls, I've changed my password".

Their reply? (slightly paraphrased)

"You must have been responsible for the breach, as our security is perfect. We do not refund fraudulent calls due to customer error. We've locked your account, so you'll need to send us proof of ID (passport copy, etc) for it to be unlocked."

The key problem with this reply is that a *customer* asserting an event is a fraudulent call does not make it a fraudulent call.

What if they have bugs in their billing software?

Skype only cared about not issuing compensation. Needless to say, I've never told anyone my skype password and my laptop at the time of the calls was in for repair, where I had removed the SSD drive before sending the unit off. Also needless to say, I've never unlocked that account or spent another cent with Skype. Thankfully, GoogleTalk came out just at the right time. Thank God for choice.

Re:

[Stormthirst]

They key thing to learn is to make sure Skype doesn't auto-recharge and delete your credit card details from your profile. It's a damage limitation exercise.

Re:Customer defined fraud: maybe not so redundant

[BeCre8iv]

Which part of "Microsoft product" did you not understand?

Dont get involved.

[Anonymous Coward]

The hacker may have been involved in drug smuggling or terrorism or what not. Do not get involved. Be happy you got your Skype account back and move on.

Re:

[Psyborgue]

This. And contact the authorities. Those countries do have a lot of terrorist activity.

Don't call the numbers

[mysidia]

They're most likely either (1) disconnected numbers, (2) toll numbers that will rack up massive charges, OR (3) Numbers that the thief sold innocent 3rd parties "cheap long distance minutes" to, through fraudulent schemes.

Don't engage yourself in placing international harassing phone calls to "create havoc" in random people's lives; that would be you committing a crime. ,

Re:

[Technician]

You can check the phone rates to call many phone numbers that are not a 900 type number. Most likely the account was used to call friends and associates.

The fees are based on the termination charges of the destination phone number. Use this link to see charges for a typical VOIP provider (Skype carges considerably more than most other VOIP providers)

http://www.viatalk.com/tools/intrates/ [viatalk.com]
VIATALK rates given for example. Other providers are similar.

For rate comparisons, you can compare Diamondcard, VIATALK,

Re:Philippines ~ US 27 cents / minute.

[Technician]

A quick check of VIATALK rates to Philippines $0.2693

Nigeria $0.1905
Nigeria Cell typical, varies.. $0.1966 - $0.2505

Re:

[mysidia]

You can check the phone rates to call many phone numbers that are not a 900 type number. Most likely the account was used to call friends and associates.

Not all country codes are listed. 8816, for example. And if you don't do your research, you may arrive at an equivalent to 900 number, or destination with ludicrous termination charges.

The international rate sheets only show you the standard rates for dialing certain countries, but there are destinations that can be $10 to $25 per minute, and it's

Re:

[mysidia]

(4) Numbers owns by a Telco to create traffic. Many Telcos in third world countries uses this scheme. They create random numbrers, when you call there it's playing music or a thanks message or something like that. They then pay people to call those phone number from overseas Telcos.

That's a very interesting scary concept... although, when you consider, there will be international termination charges paid to those providers, generated by their own calls.

Well, that is also a form of fraud.

Similar to th

scamming a scammer

[Tom]

Or is it just a waste of time?

That, at best.

Old saying: There's always a sucker in a game of poker. Look around the table. If you don't see him, it's you.

Never play criminals on their home turf. They are doing this for a living, you don't. Guess who's better at the game?

Re:

[Technician]

You can tie up scammers on their home turf. It is called scam baiting. The scammer gets to spend time and money playing games with your bait instead of victims. I regularly write scammers back. I am most interested in my inheritance of 10.5 million.

I question my eligibility, write with a fake first name, no last name, and a bait email account with a free US DID phone number. They can email me, text me, call me, etc, while I continue to find out the name of the deceased before I fill out their form to f

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Tom]

You can tie up scammers on their home turf.

You also tie yourself up. Unless you have nothing else to do with your time, it's still a net loss for you.

Re:

[danaris]

You can tie up scammers on their home turf.

You also tie yourself up. Unless you have nothing else to do with your time, it's still a net loss for you.

Unless you can derive entertainment from it. Then it can pay for itself.

Dan Aris

Agree with everybody who said "give it up."

[symbolset]

If you knew enough to solve this problem you wouldn't have this problem. Since you don't any attempt is just going to give you more new problems you are unable to resolve until you find yourself clad in latex and wearing a ball gag. Give it up.

Waste of time

[Anonymous Coward]

Look on this as hard earned experience to use better passwords in the future.

The tubes are the wild wild west, and anyone who thinks otherwise is delusional.

Just move on, and don't waste your time.

I recall many years ago being hacked by someone. Reformat, learn from the experience, and move on.

Easy Solution

[LifesABeach]

Get a job at the F.B.I., and then go out at night dressed like Batman. The rest I think you can figure out for yourself.

Re:

[iggymanz]

my advice was similar, go to the shady part of town at night dressed as batwoman. enough interesting things will then ensue you'll forget all about your hijacked account

Re:

[LifesABeach]

I sure hope you're female, otherwise the image you just painted in my mind; well my eyes are starting to uncross now...

Re:

[iggymanz]

see?, interesting things are happening to you just imagining it

Done

[Impy the Impiuos Imp]

> "I can see the call history — there are several numbers called in Senegal, Mali, Benin and Philippines."

Don't bother -- you'll just be hassling some expat's grandma or sister. The account was probably hacked and immediately rented out on the black market. Now, the expat certainly realizes it was hacked, and would deserve it, but the hacker is long gone, probably hundreds of victims down the road already.

(ring ring)
"It's Queef calling from America!"
(answers)
"Hello?"
"You asshole hacked my Skype!"

I did this

[hduff]

My cellphone was stolen from my car and then recovered (it was found in the middle of the street). I called the long-distance numbers, pretending that I found the phone and wanted to return it to the owner. The people called (teenagers) were surprisingly helpful and I got the name and local address of the teen that called them who was staying with his uncle. I turned the info over to the police who told me that the loss was actually incurred by the phone company (charges had been refunded) and I was not "harmed" so there were no charges to press, plus the kid could claim that he "found" the phone and did not break into my car. But the detective did talk to the uncle and told me he thought the uncle was going to beat the kid's ass and send him back to Louisiana since the kid had been a problem since he got here. Good enough for me whether true or not since it was all that could really be done.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[cOldhandle]

Yeah, unless you had a terrible password, you should spend your time checking your system for vulnerabilities and/or reinstalling the OS rather than trying to track them down.

happened to me

[Anonymous Coward]

Someone brought a subscription to call Jordan, burned through it (you don't get many minutes to jordan) brought $10 credit, used that, then that was the end of it. Both were debited from my paypal account.

Skype were horrendously unhelpful, insisting my account hadn't been hacked, but I needed to reset my password multiple times on their insistence anyway, and refused to entertain the idea of a refund because I had allready "used" the credit. Thankfully paypal stumped up the refund, I got some BS boilerplat

You wanna fuck with criminals?

[mlheur]

take a bounty hunter course or something.

Creepy.

[csumpi]

And not only creepy, but possibly illegal.

Re:

[quantaman]

How would he be breaking the law? And where is he suggesting hacking?

I think the thought was he could somehow use the numbers the thief called (ie people the thief knew), but it sounds like those were scam toll numbers or something else that wouldn't be helpful.

Re:

[Anonymous Coward]

OP's plan is exactly what the long distance companies did when phreakers would use found phone numbers to call friends around the country. You needed to have forgetful friends because the company would call them up and ask who called. Phreakers would usually use payphones, which were plentiful back then.

Wrong priorities

[whoever57]

The original poster has not stated that he knows how his account was hijacked.

His first priority should be to understand the how the hijack happened and take measures to makes usre that it won't happen again. Regaining control of the accoount again is not sufficient.

Re:

[skegg]

First up: IANAL.

I think in Australia what you state above is not a crime.
To my knowledge, conspiracy to commit a crime requires 2 or more people.

Re:

[flyneye]

I think he insinuated that random /. posters would be conspirators, in his sexually excited state.

Re:

[Zaelath]

Replying to an AC seems like pissing into the wind... but anyway.

I think your definition needs work, otherwise every murder mystery author would be guilty.

Re:

[flyneye]

They don't give drunks, mod points, you sot!

Re:

[mendax]

Seriously

Surely you have better things to do in your life than troll around here and issue such nonsense. On that note, I'm going to get back to my life and go to sleep. You may continue to troll along as you choose.

Re:

[sdreader]

Seems like a lot of people agree with this "troll" if he's already gotten Score:5.

Re:

[MysteriousPreacher]

Myself included. There's almost certainly nothing to be gained from embarking on some CSI inspired e-detective work.

If AC is a troll, fair enough but by such a broad definition the same is true of Mendax. The only difference I see is that the AC opted for humour over Mendax's calling card for why he/she probably doesn't get invited to many parties - at least not a second time.

Re:

[sdreader]

You've have to be pretty short-sighted to believe that telling someone to "get a life" means that the accuser is a bitter person. Some people need to be put in their place, even the nicest people know when to put their foot down and tell it like it is.

Re:

[MysteriousPreacher]

I'm still waiting to hear activities that you consider to be a life. Whatever you say is going to either sound silly or ridiculously lofty, and we'll make fun of you and ask you why if you have such a "life" you are prowling around slashdot, but you won't tell us will you, you bitter loser.

Oh noes! AC, with his Wikipedia-provisioned psychology degree and at least one foot on the floor is well on truly on to us. Help ma boab - better scarper!

Re:

[Culture20]

game theory, tit for tat

But I thought tit for tat with forgiveness beats pure tit for tat.

Re:

[libtek]

Regardless of additional modifiers: tits always beat tats.

Re:

[mooingyak]

Regardless of additional modifiers: tits always beat tats.

Man boobs.

Re:

[andy.ruddock]

The trouble is that skype does "just work". My son lives abroad, so we use skype to talk. I'd much rather use a "free" solution (using openly defined protocols and open source software if at all possible).
I'm sure it's possible, but he also uses skype to chat with his friends and it wouldn't be easy to get all of them to use a different solution.
So, he uses multiple clients, or we all just use skype - unless we can find someting worth the hassle of converting to, which would have to work on Linux, Android