But now it seems the Skype client software may also be flawed, as the experts over at Secure Science have revealed the system can be used as an advanced phishing platform.
In a process known as `SkypeSkrayping', Secure Science says that users are being contacted - ostensibly by Skype HQ - via instant messaging, and offered a free $25.00 credit if they visit a site.
Of course, the site is a frame or image-infected one and - quelle surprise - the Skype user ends up being infected in response to the link in the instant message.
The bad news is that, once infected, it seems the fraudsters can gain remote access to the users' Skype account and add extra facilities which can then used by the remote user or, perhaps worse, used to phish for other victims and so tarnish the phished users' reputation.
Interestingly, Secure Science says that the phisher can also gain access to the phishee's outbound telephony calling facility.
This could be used, Infosecurity notes, to make free (to the fraudster) international phone calls via so-called spoof Caller ID services, which are normally charged a premium, and perform other scams as a result.
The good news is that Skype says it is aware of this client software flaw and is working on an update.