WhatsApp users are being cautioned about a new scam known as “GhostPairing,” which deceives them into giving attackers access to their accounts. Uncovered recently by cybersecurity firm Avast, this threat is particularly dangerous as victims may remain unaware of the compromise for extended periods.
In contrast to previous scams focused on password theft, this scheme can result in more severe fraudulent activities. Experts highlight that scammers gaining access to private chats, voice notes, and photos create avenues for impersonation, targeted scams, and potential extortion.
The scam typically begins with the victim receiving a message from a trusted contact, often claiming to have found their photo and providing a link. Clicking on the link takes the user to a fake webpage resembling Facebook, requesting them to “verify” to view the image.
However, this seemingly innocent security verification is part of WhatsApp’s device-linking process. By entering a valid pairing code, victims unknowingly grant the attacker’s browser access as a linked device, enabling ongoing intrusion into messages, photos, and contacts without the need for a password change or account lock.
Once an account is compromised, it starts sending messages to contacts, allowing the scam to spread organically. To safeguard against such scams, users are advised to check their WhatsApp settings for linked devices and remove any unfamiliar ones, treat any website requests to scan QR codes or enter pairing codes with suspicion, and enable two-step verification while sharing awareness with family and group chats.