Today a major Skype vulnerability was reported and quickly fixed. http://thenextweb.com/microsoft/2012/11/14/security-hole-allows-anyone-to-hijack-your-skype-account-using-only-your-email-address/?fromcat=all
The problem stemmed from the fact that Skype doesn’t validate email addresses at sign-up.
When you sign up for many services, you enter an email address and then click a link that the company sends to that address to validate that it is an address you control.
Skype just signs you up and sends a welcome email to the address you entered.
In this attack, someone signs up for a new account using your email address, then adds their own address to that account as a secondary email.
They can then request a password reset from their account, but because both accounts are linked to your email address, the reset also affects your Skype account. If the attacker knows your Skype username, they can now take it over.
It’s surprising that something like this wasn’t publicized earlier, but there’s not too much for an attacker to gain from a Skype account. However, having little value is no excuse for overlooking basic security.
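An added example, not from the original post or from Skype: a minimal in-memory Python model of the click-to-confirm step described above, where an address ties an account to password resets only after its owner confirms a mailed token. The class, its method names and the example.test addresses are assumptions made for illustration.

```python
import hashlib
import secrets


class AccountStore:
    """In-memory model: an address counts only after its owner proves control."""
    def __init__(self):
        self.accounts = {}  # username -> {address: verified?}
        self.pending = {}   # sha256(token) -> (username, address)
        self.outbox = []    # (recipient, token) pairs standing in for sent mail

    def _send_token(self, username, address):
        token = secrets.token_urlsafe(32)
        # Keep only the hash server-side; the raw token exists only in the mail.
        self.pending[hashlib.sha256(token.encode()).hexdigest()] = (username, address)
        self.outbox.append((address, token))

    def sign_up(self, username, address):
        if username in self.accounts:
            raise ValueError("username taken")
        self.accounts[username] = {address: False}
        self._send_token(username, address)

    def add_email(self, username, address):
        self.accounts[username].setdefault(address, False)
        self._send_token(username, address)

    def confirm(self, token):
        digest = hashlib.sha256(token.encode()).hexdigest()
        entry = self.pending.pop(digest, None)  # single use
        if entry is None:
            return False
        username, address = entry
        self.accounts[username][address] = True
        return True

    def resettable_accounts(self, address):
        """Accounts that a password reset mailed to `address` may touch."""
        return sorted(u for u, emails in self.accounts.items()
                      if emails.get(address) is True)


def demo():  # constructed scenario: mallory claims alice's address
    s = AccountStore()
    s.sign_up("alice", "alice@example.test")
    s.confirm(s.outbox[-1][1])                   # alice reads her own mail
    s.sign_up("mallory", "alice@example.test")   # token goes to alice's inbox
    s.add_email("mallory", "mallory@example.test")
    s.confirm(s.outbox[-1][1])                   # mallory confirms only her own
    return (s.resettable_accounts("mallory@example.test"),
            s.resettable_accounts("alice@example.test"))
```

`demo()` returns `(["mallory"], ["alice"])`: the unconfirmed claim on alice's address never links the two accounts, so a reset requested from either mailbox reaches only the account whose owner confirmed that address.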