WhatsApp has become an essential aspect of our daily lives, holding years of personal chats, photos, documents, voice notes, and sensitive information for countless users.
However, with the rise of cybercrime, scammers are discovering new techniques to seize control of WhatsApp accounts, moving beyond just passwords and one-time passwords (OTPs). One notable scam is ghost pairing.
What is ghost pairing?
In this scheme, scammers covertly link a victim’s WhatsApp account to another device without their consent. They often deceive users into sharing a verification code or scanning a fraudulent QR code, enabling attackers to connect the account to WhatsApp Web or another device.
Once paired, the scammer can access messages in real time, while the victim uses WhatsApp as usual, often oblivious to the breach.
How does the ghost pairing scam operate?
Ghost pairing takes advantage of WhatsApp’s Linked Devices feature, which allows users to access their account across multiple devices. Cybercriminals exploit this feature through social engineering rather than hacking.
Scammers typically reach out to the victim via call, message, email, or WhatsApp, impersonating a friend, company representative, bank official, delivery person, or even WhatsApp support. The victim is prompted to share a verification code or scan a QR code, often under the guise of account recovery, job verification, prize redemption, or urgent security checks.
Victims may be coerced with alarming statements, such as if they don’t take action, their phone number will be blocked immediately or their bank account will be frozen. Occasionally, they might say something innocuous like “Hey, is this you in this photo?” or “I just found your picture.”
Clicking the link directs the user to a deceptive webpage designed to appear legitimate. The page requests the user to verify the code or share the QR code, inadvertently linking the scammer’s device to their account.
The attacker then gains immediate access to chats, media, and conversations, while the victim continues using WhatsApp normally. The compromised chats may be exploited for financial fraud, identity theft, blackmail, or further scams.
How can users safeguard against ghost pairing scams?
Never disclose passwords, PINs, or QR codes to anyone, as this grants them direct access to your account.
Regularly check your linked devices. To do this, go to WhatsApp Settings and then “Linked Devices” to review all active sessions. Log out immediately if you find any unfamiliar devices.
Avoid scanning QR codes sent through messages, emails, or social media links that claim to be from WhatsApp or customer support.
Stay vigilant against social engineering tactics and verify before responding.
