
Skype Accused of Reading IMs; Company Says it's Scanning URLs

Source: The H Security

A security blog stated that Skype reads IM messages, but it's likely just SmartScreen inspecting embedded links.

On Wednesday, The H Security blog reported that Skype reads everything its users write. This accusation stems from associates at Heise Security who believe Microsoft is accessing and reading content from HTTPS URLs transmitted over Skype.

The firm reportedly discovered unusual network traffic following a Skype instant messaging conversation that included a secure URL, and traced the IP address back to Microsoft. To see if it would happen again, the firm conducted an experiment using two HTTPS URLs and discovered that Microsoft had accessed those as well.

Skype later acknowledged that the URLs are scanned, and pointed to a passage from its data protection policy. "Skype may use automated scanning within Instant Messages and SMS to (a) identify suspected spam and/or (b) identify URLs that have been previously flagged as spam, fraud, or phishing links," it reads.

A spokesperson followed up by stating that while Skype does scan messages to filter out spam and phishing websites, there's no actual reading involved.

But The H Security blog points out that spam and phishing sites typically aren't hosted under HTTPS URLs. It also said that in order to check a secured link for spam or phishing, Skype would actually need to examine the page's content. Instead, the blog notes, Skype typically sends HEAD requests, which merely fetch administrative information relating to the server. Skype also doesn't access the commonly used HTTP URLs.

However, ZDNet followed up with an article to ease any privacy concerns and reported that the address in question is likely part of Microsoft's SmartScreen infrastructure. This is used to identify suspicious and dangerous URLs so that it can block phishing sites, malware and spam across the company's portfolio of services, including Internet Explorer and Outlook.com. It's presumed that Skype picked up SmartScreen when it integrated the Windows Live Messenger network.

"SmartScreen doesn't scan every link in every IM or email. It doesn't need to," ZDNet reports. "Those test links are unfamiliar and possibly suspicious, so the SmartScreen servers asked for more information from the server, using a HEAD (not GET) request, with the exact URL that was included in the original Skype message."

Thus, what seems to be happening is a process that's similar to what mail servers do when they check the header information on an incoming message to determine whether it's unwanted spam. Unfamiliar URLs shared in a Skype instant message may be investigated by a SmartScreen server which will in turn request more information about the server from which that URL originated. That information will be used to determine if the link is legitimate.
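The experiment The H Security ran comes down to placing unique HTTPS URLs in a chat and then checking the web server's access log for fetches by anyone other than the chat participants. As an added example (not code from The H Security, ZDNet or Microsoft), this Python function runs that check over a constructed log in Combined Log Format and records the request method and whether the query string arrived intact; the paths, IP addresses and function name are assumptions.

```python
import re
from collections import defaultdict

# Combined Log Format prefix: ip ident user [time] "METHOD path PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample log; addresses come from documentation ranges (RFC 5737).
SAMPLE_LOG = """\
198.51.100.7 - - [15/May/2013:10:02:11 +0000] "GET /index.html HTTP/1.1" 200 5120
203.0.113.40 - - [15/May/2013:14:31:05 +0000] "HEAD /t/9f3c2a71?user=test HTTP/1.1" 200 -
203.0.113.40 - - [15/May/2013:14:33:48 +0000] "HEAD /t/b81e55d0 HTTP/1.1" 404 -
198.51.100.7 - - [15/May/2013:14:40:00 +0000] "GET /t/9f3c2a71?user=test HTTP/1.1" 200 312
malformed line that should be skipped
"""

def canary_hits(log_text, canary_paths, expected_ips):
    """Map each canary path to the requests made by clients outside expected_ips.

    Each entry is (ip, method, timestamp, had_query); had_query shows whether
    the URL reached the server with its query string still attached.
    """
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # ignore lines that are not in the expected format
        base, _, query = m["path"].partition("?")
        if base in canary_paths and m["ip"] not in expected_ips:
            hits[base].append((m["ip"], m["method"], m["ts"], bool(query)))
    return dict(hits)

if __name__ == "__main__":
    canaries = {"/t/9f3c2a71", "/t/b81e55d0"}   # unique paths sent only in the chat
    participants = {"198.51.100.7"}             # the recipient who clicked the link
    for path, reqs in canary_hits(SAMPLE_LOG, canaries, participants).items():
        for ip, method, ts, had_query in reqs:
            print(f"{path}: {method} from {ip} at {ts} (query sent: {had_query})")
```

A HEAD from an unexpected address shows that the URL left the conversation, and a preserved query string means that any token or parameter embedded in the link went with it.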

This automated process undoubtedly helps protect Skype users from clicking on links to phishing sites or those packed with malware. So far, there's no evidence that someone at Microsoft is sitting back in their chair reading everything Skype users type on the screen.

  • 1 Hide
    Soda-88 , May 15, 2013 5:12 PM
    Feels like Skype is a necessary evil nowadays, between a year old IP exploit that causes DDoSing and now this.
    I miss MSN messenger, UI, mail notification, picture sharing was all so much better
    :( 
  • 2 Hide
    otacon72 , May 15, 2013 6:37 PM
    People at H Security don't sound too bright.
  • -1 Hide
    jhansonxi , May 15, 2013 8:45 PM
    You don't need Skype for MSN yet. There's a workaround: http://messengergeek.wordpress.com/2013/04/23/use-messenger-reviver-2-to-bring-back-messenger-and-beat-skype/
    Pidgin is also an alternative.
  • 0 Hide
    icycool , May 15, 2013 8:59 PM
    Oops... seems Skype scumbags have removed the thread.
    Use this link.
    http://messengergeek.wordpress.com/2013/04/23/use-messenger-reviver-2-to-bring-back-messenger-and-beat-skype/
  • -2 Hide
    ddpruitt , May 16, 2013 6:24 AM
    For anyone actually willing to READ the original article all they're visiting the URLs passed in a message. More importantly they're using the URL as is without cleaning it up. I could see this used as an attack against Skype (deliberately sending malformed URLs or sites with exploits).
    Clearly Skype doesn't know much about security, this is a big no no.
  • 0 Hide
    Non-Euclidean , May 16, 2013 8:16 AM
    "Clearly Skype doesn't know much about security, this is a big no no. "
    What? MS not knowing much about security? Since when?
  • -2 Hide
    Pherule , May 16, 2013 9:14 AM
    "What? MS not knowing much about security? Since when?"
    All day 'erry day.
    http://www.theverge.com/2013/1/17/3885962/microsoft-security-essentials-fails-anti-virus-certification-test
  • 1 Hide
    The_Trutherizer , May 17, 2013 8:30 AM
    This article is blissfully boring it turns out. So it's just an anti-phishing measure. Sounds reasonable to me.