New research signals trouble for Skype fraudsters

Life could become more difficult for fraudsters on Skype thanks to research by Microsoft boffins that promises to cut down on fake accounts across the platform.

The research combined information from diverse sources including a user's profile, activities and social connections into a supervised machine learning environment that could automate the presently manual tasks of fraud detection.

The results show the framework boosted fraud detection rates for particular account types by 68 per cent with a 5 per cent false positive rate.

"The kinds of fraud relevant to Skype include, in particular, credit card fraud and other online payment fraud, as well as account abuse such as spam instant messages," read the research report.

"Our aim is to catch those fraudsters that elude the first line of defences at Skype.

"The reduction in volume [of fraud] is apparent."

Financial institutions spend on average more than half of their fraud management budgets on human resources devoted to manually reviewing possibly fraudulent accounts, the report noted.

Moises Goldszmidt, Yinglian Xie, Fang Yu, Martín Abadi of Microsoft Research and Anna Leontjeva of the University of Tartu, Estonia, conducted the research across 34,000 users that included a mix of legitimate and fraudulent accounts chosen from an initial randomised pool of 200,000 users that had not been blocked for more than four months since creating an account.

"We selected the period of four months as a compromise: longer periods may result in more information, but our data pertains to a limited time window, and in addition we expect that relatively few fraudulent users escape detection for many months," read the report.

The research captured and analysed account habits of the captured Skype users limited to what communications methods they used and how often. The content of calls was not recorded and Skype usernames were anonymised using a one-way salted hash.

The team wrote that fraudulent accounts were easier to detect when inactive after four months but became hard to find if they remained active for more than 10 months after account creation. The framework still reduced the more slippery fraudulent accounts by a factor of 2.3, the paper noted.

Most of the fraudulent accounts operating on Skype were hacked legitimate users, the team posited.

The preliminary research has yet to be wound into Skype, but promises to reduce the cost of fraud to both users and Microsoft.

Further research should be conducted into developing more elaborate methods of combining classifiers in a bid to outfox fraudsters by more thoroughly understanding their behaviour, the paper read.

"It should also be interesting to perform experiments with longer time series, attempting in particular to detect points in time at which users change behaviour. Those changes in behaviour sometimes result from account hijacking, a difficult, important problem that machine learning may help address."

Rise of the machines

Machine learning is a wing of artificial intelligence that focuses on building systems that can improve in function by analysing data, and was broadly measured by its efficiency in discovering known information in contrast to data mining which aimed to discover new information.

The theory underpins technology across fields as diverse as information security to stock market analysis and medicine. In 2009, US online film website Netflix handed out a million dollars to a research team who developed improvements that improved user preference predictions by 10 per cent.

The Skype research tested several classifiers including Random Forest, SVM, and logistic regression and selected the former for its superior accuracy rates.

Accounts of fraud committed over Skype were easy to find online ranging from spam voicemails and instant messages to blackmail and phishing.

In November, the Australian Government’s Stay Smart Online service (operated by ENEX TestLab which provides content for CSO Australia) warned of fraudsters operating on Skype who would con victims into opening their webcams in order to record footage for ensuing blackmail.

In one version, the scam originates from a dating website or social network site like Facebook. The scammer may pretend to be an attractive, potential partner and strike up an online relationship with you. It may take some time and seem extremely believable. Eventually, they may ask you to join a Skype (video) call with them.

"During the video call the scammer may attempt to lead you into participating in intimate, sexual activity or nudity, which can later be used to blackmail you. Scammers may use carefully prepared webcam images or footage of themselves which may initially seem flattering, but can increasingly become coercive and explicit. They steadily increase pressure on you to participate, which they record and later threaten to distribute online," read a post on

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags fraudskype

More about CSOFacebookMicrosoftNetflixSkypeSmart

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by CSO staff

Latest Videos

More videos

Blog Posts