What is the story about?
WhatsApp has become an inseparable part of our lives, storing years of personal chats, photos, documents, voice notes and private information for millions
of users.
However, as cybercrime cases continue to rise, scammers are finding new ways to take control of WhatsApp accounts, going beyond passwords and one-time passwords (OTPs). One such scam is ghost pairing.
What is ghost pairing?
Scammers secretly link a victim's WhatsApp account to another device without their knowledge. They often trick users into sharing a verification code or scanning a fake and malicious QR code, allowing attackers to pair the account to WhatsApp Web or another device.
Once linked, the scammer can read messages in real time, while the victim continues using WhatsApp normally, often unaware of the scam.
How does ghost pairing scam work?
Ghost pairing exploits WhatsApp's Linked Devices feature, which allows users to access their account on multiple devices. Cybercriminals misuse this feature through social engineering, not hacking.
Scammers generally contact the victim via call, message, email or WhatsApp, posing as a friend, company executive, bank official, delivery agent or even WhatsApp support. The victim is asked to share a verification code or scan a QR code, often under the pretext of account recovery, job verification, prize claims or urgent security checks.
Scammers also threaten victims with panic-inducing statements, such as if you don't perform this action, your phone number will be blocked immediately or the bank account will be frozen. Sometimes, they may also say something harmless, such as "Hey, is this you in this photo?" or "I just found your picture".
Once clicked, the link opens a fake webpage designed to look real. The page then asks the user to verify the code or share the QR and by doing so, the victim unknowingly links the attacker's device to their account.
The attacker then gains real-time access to chats, media and conversations, while the victim continues using WhatsApp normally. The stolen chats may be used for financial fraud, identity theft, blackmail or further scams.
How can users protect themselves from ghost pairing scams?
Never share passwords, PINs or QR scams with someone, as it can give them direct access to your account.
Check your linked devices regularly. For this, go to WhatsApp Settings and then "Linked Devices" and review all active sessions. Log out immediately if you see any unfamiliar device.
Do not scan QR codes sent via messages, emails or social media links claiming to be from WhatsApp or customer support.
Be alert to social engineering hacks and verify before responding.
