Users running Microsoft’s Skype VoIP client on Windows are being served malicious ads trying to push a fake Adobe Flash Player update that eventually leads to a malware infection.
A reporter on Reddit, with username j8048188 has identified an advertisement that pops up on Skype for windows without interacting or clicking anything after logging on Skype. The ad in Skype attempts to download a file called FlashPlayer.hta as shown on the image below.
In a statement given to ZDNet, Microsoft avoided accepting responsibility for the ads showing, saying:
We’re aware of a social engineering technique that could be used to direct some customers to a malicious website. We continue to encourage customers to exercise caution when opening unsolicited attachments and links from both known and unknown sources and install and regularly update antivirus software.
FYI, Microsoft displays advertisements on Skype’s start page and alongside conversations. These ads are only present in the traditional, Win32 desktop program of Skype, not in the Windows 10 version of Skype. The ads in Skype are loaded through an embedded Internet Explorer object.
To block ads in Skype
Add these two sites to your IE Restricted Sites. The ad banner space will still be there, but it’ll block the ad content: apps.skype.com, g.msn.com
Have you been affected by malware that spread through Skype? Let me know below!
You may also follow this link for information on Ransomware and how you can stay safe.