WhatsApp users are being alerted to a new scam known as “GhostPairing” that deceives them into unwittingly granting attackers access to their accounts. Recently uncovered by cybersecurity company Avast, this scam is particularly dangerous as victims may not detect the compromise for an extended period.
Unlike previous scams that primarily aimed at stealing passwords, this scam can result in more severe fraudulent activities. Security experts caution that the scammers gaining access to private messages, voice notes, and photos can lead to impersonation, targeted fraud, and extortion.
The scam typically starts with the victim receiving a message from a trusted contact claiming to have found their photo, accompanied by a link. Clicking on the link directs the user to a fake webpage resembling Facebook, requesting them to “verify” before viewing the image. This seemingly innocuous verification step is actually part of WhatsApp’s device-linking process.
By entering a valid pairing code, victims unknowingly link the attacker’s browser as a device, granting ongoing access to messages, photos, and contacts without the need for a password change or account lock. Once an account is compromised, it automatically sends messages to contacts, facilitating the scam’s spread.
To safeguard your WhatsApp account from being paired with scammers, take the following precautions:
1. Regularly check WhatsApp → Settings → Linked Devices and remove any unfamiliar connections.
2. Exercise caution with any website requesting to scan a WhatsApp QR code or enter a pairing code.
3. Enable two-step verification and raise awareness among family and group chats about potential scams.