WhatsApp GhostPairing Scam Alert: Millions of users at risk of silent account hacking
A new cyber threat called the GhostPairing scam is putting WhatsApp users at serious risk. Hackers are misusing WhatsApp’s device linking feature to secretly access accounts without OTPs, passwords, or SIM swaps.
WhatsApp is a popular instant messaging app in India and is widely used for chatting, voice calls, video calls, and sharing photos and videos. However, increasing cybercrime cases have made WhatsApp users a prime target for scammers.
However, nowadays, malicious hackers have been warning about another WhatsApp hacking method known as GhostPairing that can give hackers complete access to a user's account within minutes.
What is the GhostPairing scam?
The GhostPairing scam involves a type of hacking where a criminal exploits an official device linking functionality provided by WhatsApp. This helps a hacker link their device to yours without needing your password, OTP, or SIM card.
This vulnerability was identified by the cybersecurity organisation Gen Digital, which warned that consumers were inadvertently allowing scammers to gain access.
From where does the scam originate?
The scam normally originates from a message that comes from a known contact, making it seem legit. It normally reads something like, 'Hey, I found your photo!' along with a link that seems fishy.
What happens if you fall into the trap of the GhostPairing scam:
- When the link is clicked, a fake website resembling the photo viewer feature of Facebook is opened.
- This website requests that the visitor confirm his or her identity by entering a phone number.
- Then, the real device pairing code is sent through the use of WhatsApp.
- The code is what the scammer convinces victims to use on this bogus site
After the code is entered, the hacker gains immediate access to the victim’s WhatsApp Web that is associated with their account.
Things hackers can do after hacking WhatsApp
- If hackers manage to gain entry
- It should be noted that after a successful GhostPair
- Read your whole WhatsApp chat.
- Download photos, videos, and documents.
- Send messages to your contacts and groups
- Receive real-time notifications about incoming messages
The most alarming thing about this, however, is that your WhatsApp service continues to function perfectly on your cell phone, meaning that you would not even know that your account has been compromised.
Why this scam is extremely dangerous
In GhostPairing, there is no SIM swapping and OTP theft, thus making it difficult to trace. With this scam being automatically distributed among the contacts and group members of the victim, more people are susceptible to it.
This online trick was first noticed in the Czech Republic, but it may spread internationally, even reaching India.
How to avoid being affected by the WhatsApp GhostPairing Scam?
To protect yourself:
Never click on a suspicious link, even when it comes from people you know. Never put your WhatsApp pairing and verification codes on any website. WhatsApp messages coming from a Linked Device