WhatsApp users are being alerted to a new scam known as “GhostPairing” that tricks them into granting attackers access to their accounts. The threat, uncovered by cybersecurity company Avast, poses a significant risk because victims may remain unaware of the breach for extended periods.
Unlike previous scams that primarily aimed at stealing passwords, this scheme can lead to more severe fraudulent activities. Security experts caution that scammers' access to private conversations, voice recordings, and images can lead to identity theft, targeted fraud, and potential extortion.
The scam typically begins with the victim receiving a message from a trusted contact, claiming to have found their photo, along with a link. Upon clicking the link, users are directed to a counterfeit webpage resembling Facebook, where they are prompted to “verify” before viewing the image. However, this seemingly innocuous verification step is actually part of WhatsApp’s device-linking mechanism.
By entering a valid pairing code, victims inadvertently link the attacker’s browser to their account as a device, granting the attacker continuous access to messages, media, and contacts without the need for a password change or account lock. Once compromised, the account sends out messages to the victim's contacts, spreading the scam further.
To safeguard against such scams, users are advised to take preventive measures: regularly check Linked Devices in WhatsApp settings and remove any unfamiliar devices, treat any request to scan a WhatsApp QR code or enter a pairing code with suspicion, enable two-step verification, and raise awareness among family and group chats.
