The malware (65404-SkypeDefenderSetup.exe) poses as a security plug-in called Skype Defender. If the user installs the malware, he will then be greeted with the following message:

Skype-Defender(TM) Installed! Please login to your account to apply new plugins”

The next step is to present the user with a fake Skype Logon screen. Needless to say, the user won’t be able to login. Every such attempt will result in the display of message saying that the name and password were not recognized. It is of little matter, as the malware has already sent the data mentioned above to a remote server.

Additionally, Skyper.B may also attempt to collect and send username and password information from the Windows Protected Storage service.

And now, for the good news. First of all, it’s easy to spot foul play due to the fact that the Sign In button is different from the one featured by a legitimate Skype screen. Also, the data will only be sent if the user actually click the fake Sign In button.

Also, the malware won’t install anything on the user’s computer and will not remain in the process list when closed by the user.

Last but not least, the malware was not design to spread itself automatically. You can only get it via mail or IM programs, or as download from a website.