If you’re a Skype user, you may want to read this post carefully. Skype has a security issue that allows “anyone,” not just a hacker, to steal your account. Here’s the issue, if someone knows your email address that you use for Skype, they can steal your account. All anyone needs to do, is download Skype, set up a new account and use your email address, even though the setup will tell them that, that email address is already in use. It doesn’t matter, all they need to do is add an additional email to the account sign up and fill in some generic information. Once they are finished, they simply log in, delete all cookies and use the applications password reset function, which sends the password reset token to the actual app, not the email on file.
Update: We’ve heard that Microsoft/Skype have disabled the password reset function, but the problem still exists. If you’re concerned about your accounts privacy, we suggest you change the default email account, at least until a patch or fix is sent out to the application.
Thanks to Teqno-Logical for the heads up.