GhostPairing Attacks Are Taking Over WhatsApp Accounts

If you use WhatsApp, you may be targeted by scammers who aim to take over your account by linking their browser to it. This scheme, dubbed GhostPairing by researchers, exploits WhatsApp's device linking process, allowing scammers to access all your messages, impersonate you in chats, and go on to scam your contacts. Here's how attackers hijack WhatsApp accounts, and how to protect yours.

GhostPairing manipulates the pairing of WhatsApp devices

WhatsApp lets users link a computer or browser to their account without entering credentials, in one of two ways: by scanning a QR code and confirming the session, or by confirming a numeric pairing code in the mobile app. While the GhostPairing scam could theoretically use either method to deceive users, researchers have found that the second is much more common.

The scam begins with a short message from a contact containing a link that supposedly leads to a photo or other content on Facebook. If you click the link, you're redirected to a fake Facebook login page that asks for your phone number, a familiar verification step on Meta platforms. The next screen will likely display a numeric code with instructions to enter it into WhatsApp to confirm your login (again, this may look familiar, like two-factor authentication). If you're not paying attention, you might not notice that this hasn't logged you in to anything, but has instead registered the attacker's browser as a device linked to your WhatsApp account.

The danger of this scam is that everything appears normal on your device and account, because the attackers haven't stolen your credentials or locked you out. However, they can do everything you can on WhatsApp: read chats, receive messages, view and download media files, collect information about your contacts, and forward the same phishing link. As they learn more about you and your contacts, they can use this information for further fraud.

How to secure your WhatsApp account

As always, be cautious with links received through messaging apps, even if they seem harmless or you think you know and trust the sender. Fraudsters often use social media and private messages to spread phishing scams. If you do click a link in WhatsApp (or any other message), read every prompt carefully before providing or verifying any information, so you can spot the scam.

To protect your WhatsApp account, you can set up two-factor authentication, which will also prevent hackers from adding or changing your linked email address. Go to Settings > Account > Two-Factor Authentication > Enable or Set Up a PIN and add your email address when prompted. You can also check for suspicious devices linked to your account in Settings > Linked Devices and remove any you don't recognize or regularly use.

Finally, if you’ve fallen victim to this scam, please notify your WhatsApp contacts, as attackers may distribute a malicious link disguised as a message sent by you.
