SKYPE 帳號被盜用事件之分析與說明

An analysis and description of the Skype hacked.

是的,筆者的 SKYPE 帳號也被盜用了(大恥!),如下所示的兩通電話,簡單的將帳戶餘額一掃而空:

  • 日期, 時間:4/22 01:21,項目:0925231469, Taiwan - Mobile,類型:通話,每分鐘費率:NT$ 3.267,長度:13:59,選擇點數:NT$ 48.938。
  • 日期, 時間:4/22 01:21,項目:0986084290, Taiwan - Mobile,類型:通話,每分鐘費率:NT$ 3.267,長度:14:00,選擇點數:NT$ 48.938。
照慣例,PCHOME 的客服回了封官方信件,告訴我們:

「...若帳戶通話如非您本人使用發話,建議您若是有相關帳戶點數盜用問題您可報案請警察單位處理(所以 PCHOME 不負責?),我們將會配合警察單位提供相關資料。您電腦真的被植入木馬病毒(所以只會是用戶的錯?),請您須確認防毒軟體已將病毒刪除,避免仍有木馬病毒在您的電腦中繼續盜取您的帳號與密碼,若您無法確認病毒是否已被刪除乾淨(筆者只確認了電腦沒有先前被植入木馬的問題。),建議您將電腦的作業系統完全格式化後再重新灌入相關軟體,將是解決問題的最佳方式(所以不建議也不希望找出問題?)。因我們無法查看出事件發生當時,是帳號本人所進行的行為,或是非帳號本人所進行的行為(就算不曉得是否本人,也有相關 IP 資料可供查詢與比對,PCHOME 卻又推說無法查看?非得先報警才能跟美國原廠調資料,筆者還真不曉得,何時臺灣法治權對美國地區有強制性了?),還是被第三人詐騙後由帳號本人所為,也無法釐清社會現狀發生的可能性(例如:被盜、被騙、贈與後反悔、誣告…等)(老話一句,先查登錄 IP。),因此須透過司法單位調查,才能成功厘清這些可能性,並請您放心,如本公司 接獲警察單位來公文,我們將會配合警察單位提供相關資料協助調查。skype提供多方通話功能,若非您本人使用發話有相關帳戶點數盜用問題,建議您可報案請警察單位處理,我們將會配合警察單位提供相關資料。(一整段裡頭就講了三次:「去找警察」、「去找警察」、「去找警察」,感覺推卸責任推得很明顯。)...」

依照 PCHOME 的說法,似乎是將全部的問題都推給使用者、推給病毒、推給木馬,甚至是推給……呃,按照 PCHOME 客服的說法:「社會現狀」,就再也跟他們毫無關聯一般,如此軟體,如此客服,如此企業(嘖嘖)。Please Wait A Moment.

於是,在筆者電腦中,原本就裝有微軟的「Microsoft Security Essentials」,為了還 PCHOME 一個清白,因此更分別追加有「小紅傘 Avira AntiVir Personal」、「費爾托斯特安全 V7」以及「趨勢科技閃電殺毒手」等多套防毒軟體,並在其他電腦中另外安裝作業系統,包括 Windows 與 Ubuntu,並分別針對我先前的主要硬碟進行防毒偵錯等作業。
        在此,我個人提出下列幾點疑問:
  • 其一,如果今天 PCHOME 硬是要宣稱是使用者的錯誤,那筆者也使用了多套不同的掃毒軟體以及不同作業系統進行掃毒,一隻都沒有發現,那是否該由 PCHOME 來證明,是否有哪些病毒可以躲過這幾套掃毒軟體的檢查,並說明我的檢測程序不正確,才導致我的帳戶被盜用呢?
  • 其二,我個人對於電腦的使用觀念,在相同方式下,幾年過去了,從來沒有一次被盜用帳戶?即便我在各國家使用公用電腦也不曾發生問題(每次使用外人電腦前我都會進行一次系統檢查。),為何這次就在轉入金額後不久就被盜用?
  • 其三,另外,針對本次被盜用事件,有一問題點,我們仔細分析先前所提到的那兩通盜打電話後可以發現,第一通電話的總通話時間為十三分五十九秒,第二通電話的時間長度則為十四分整。但是,兩通電話的發話時間都同樣為凌晨一點二十一分!是否只要調查內部 IP 就知道是否由同一處發話?
  • 其四,既然 SKYPE 會鎖帳號,啟不就是因為知道帳號有問題,想請問判斷機制為何?為何還得等兩通電話將時間用光才加以鎖帳號?如果真如 PCHOME 所說,由於多方通話機制,所以可以同時打兩通電話,那為何還要鎖帳號?
  • 其五,再者,既然是短時間盜用的事情,那為何還要特地大費周章的改掉我們使用者的密碼,這樣豈不是更容易被發現嗎?還是說,其實原因在於 SKYPE 的軟體錯誤,造成盜用帳號的途徑,是先讓密碼被更改後,再加以盜用?這跟先取得密碼,再盜用帳號的方式,可是天南地北之差!
最後,PCHOME 官方在我寄完信後,無論是回覆或是態度,似乎該企業客服單位,對於帳號被盜這種小事,早就習以為常,如此軟體,如此客服,如此企業(嘖嘖)。

如果PCHOME仍要宣稱是帳號被盜,並且與他們無關,那想請教,我們消費者該怎樣作,才能辦到在相同的時間一齊撥打出去?至少我不知道,我也沒想這樣嘗試過。如果要報案,也理應由PCHOME方面報案為是,好歹可以跟警察說,有用戶打算欺騙他們(攤手)!

---過程---

最初,我在發現帳號被鎖後,最先想到的,是要如何解鎖,依照官網與其他使用者的說明,歷經很麻煩的過程,才在美國官網中完成解鎖步驟的「申請」,並收到如下的信件:

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

This is an automatically generated email. Please do not reply.
Thanks for contacting Skype.
Just to let you know, we've received the support request you submitted on our website. We'll get back to you with more information in the next 12 hours.

Hold tight!
The people at Skype

之後,收到一封正式的信件,內容如下:

2011/04/22 Re: AC006-000-OT: Please unbolck my account <>‏ 

Thank you for contacting Skype Customer Service.
We understand that you are experiencing difficulties with accessing your account. We will be happy to assist you.
It seems that a third party might have gained access to your account. Provided you still have access to that email account, it should be easy to stop the suspension of your Skype account.

To do this:
Change your password as soon as possible. You can change your password by visiting:
https://secure.skype.com/account/password-reset-request
Sign in to your account with the new password.
Contact us again by replying to this email. Please remember to include your Skype Name in the email.
When we receive this information, we will stop the suspension of your account.

Unfortunately, Skype is unable to refund any money that may have been lost because of this incident.

Also, if you cannot remember the email address you used when you created your Skype account and have never purchased Skype Credit or some other Skype feature, you will need to create a new Skype account:
https://login.skype.com/account/signup-form
 
To prevent this from happening again, we urge you to check that your PC’s security systems are running properly and are up to date. This will prevent hackers from obtaining personal information such as your Skype Name and password from you. If your security software is missing, disabled, or not up to date, your computer is vulnerable to viruses and malware.

Also, to keep your information safe, please beware of 'phishing' sites, or Skype chat messages from strangers, (sometimes pretending to be from Skype) that contain links or ask you to reveal personal information, such as your password or your credit card numbers.

Please be aware that any download or upgrade from Skype will only ever be available on the www.skype.com site so never download “patches” or upgrades for Skype from anywhere else, particularly in response to any unsolicited email or chat purporting to be from us. If you receive an email claiming to be from Skype that you suspect is fraudulent, please DO NOT open any attachment to the email, reply to the email, or click any links in the email.

To learn more about phishing, please visit:
http://www.skype.com/intl/en-us/security/online-safety/#phishing

Finally, when you use Skype on a public computer, always be aware of people around you when entering any personal details on to the screen where they might be seen, and remember to sign out of your account and quit Skype completely when you have finished using it.

For more information on staying secure, please visit:
http://www.skype.com/go/security

We look forward to your response, so we can assist you further.

Best Regards,
Ahmed E.
Skype Customer Service(後文為個人申請資料,內容述刪。)

由於一大篇的英文會讓人頭腦直發疼,而且不曉得為何我參照前述步驟,其實並無法更改密碼,因此我改直接發信詢問 PCHOME,並且將後續問答的內容直接列於下面各處,請大家自行參酌(我現在才發現,PCHOME 的官方回函竟然沒有依照正常商業模式,將我的問題列於信件後方(美國原廠至少有做到該做的),所以我很多的問題跟要求,可惜沒辦法列在下面給大家觀看。):

2011/04/22 PChome&Skype官方信件回覆‏

親愛的 PChome Skype 使用者 您好:
請您提供您的skype帳號為何?以便我們瞭解您的帳號密碼問題。
謝謝您的合作,如果仍有其他問題,歡迎與PChome & Skype客服中心聯絡
* Skype Me :online_service
* 線上發問 : http://skype.pchome.com.tw/cs.jsp
* 客服信箱 : skype@skype.pchome.com.tw
* 客服傳真 : (02)2709-4848
---------------------
客服中心     Nicole Chiou             敬上
---------------------
信件主旨: Skype客服信件 - 帳號密碼查詢
問題內容:
親愛的SkypeOut管理員你好
問題/建議種類:  帳號密碼查詢
姓名或暱稱:*****
email:*****
電話:  
PChome-Skype 使用者帳號:
PChome-Skype 版本:
產品:   notSelected
使用系統平台:*****
連線方式:*****
CPU速度:*****
使用哪種麥克風及喇叭:*****
錯誤代碼:
防火牆名稱/版本:
訂單編號:
問題/建議描述:  請問我的SKYPE帳號一開始先是被自動登出,並告訴我自動更換密碼,之後我要在登入卻完全無法登入。之後,我試著用密碼變更的方式,卻又無法變更,請協助!

另一封:

2011/04/22 已成功變更密碼‏ 

*****,您好!
已成功變更密碼
已經設定您的 Skype 新密碼。
現在您可存取您的帳戶、檢視您的通話記錄或更改您的帳戶設定。
再見。
Skype全體同仁

再一封:

2011/04/22 PChome&Skype官方信件回覆‏

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

0
又一封:

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

1

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

2
再另一封(進入鬼打牆階段):

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

3

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

4
再又一封(這次我直接提出要觀看相關資料的要求):

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

5

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

6

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

7

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

8

2011/04/22 RE: AC006-000-OT: Please unbolck my account‏ 

9
終於,最後一封:

This is an automatically generated email. Please do not reply.
Thanks for contacting Skype.
Just to let you know, we've received the support request you submitted on our website. We'll get back to you with more information in the next 12 hours.

Hold tight!
The people at Skype

0

This is an automatically generated email. Please do not reply.
Thanks for contacting Skype.
Just to let you know, we've received the support request you submitted on our website. We'll get back to you with more information in the next 12 hours.

Hold tight!
The people at Skype

1

This is an automatically generated email. Please do not reply.
Thanks for contacting Skype.
Just to let you know, we've received the support request you submitted on our website. We'll get back to you with more information in the next 12 hours.

Hold tight!
The people at Skype

2
最後,我想就不需要再多說或評論什麼,畢竟 PCHOME 已經放了個好康給我不是嗎(拿人嘴軟)?至於其他帳號也被莫名其妙盜用的人,請當作一個參考吧,畢竟 PCHOME 可是說了,由於我是 PChome Skype 用戶,他們才替我特別爭取呢!?(笑)

鷹眼編輯台

去探險,去感受,這個真實而獨特的世界。

You may also like...

1 Response

  1. Vedfolnir says:

    前幾天看到一則新聞,指出 SKYPE 被發現一個帳號安全的超級大漏洞。入侵方式大致與我文章中提到的第五點疑問相雷同,希望 SKYPE 的糾錯能力可以在微軟加持下變好一些。:O

說些什麼吧

%d bloggers like this: