A new and highly dangerous cyber scam known as “Ghost Pairing” has recently surfaced on WhatsApp, raising serious concerns among users. The scam allows hackers to secretly access a victim’s WhatsApp account without stealing passwords or OTPs, making it extremely difficult to detect.
Hyderabad City Police Commissioner Sajjanar has also issued an alert, warning users to stay vigilant against this growing cyber threat.
What Is Ghost Pairing?
Ghost Pairing refers to a method where a hacker secretly links a victim’s WhatsApp account to another device or browser, such as WhatsApp Web. Although the victim’s phone remains in their possession, the hacker gains real-time access to messages, photos, calls, and group chats.
As a result, users often remain unaware that their account has been compromised.
How the Scam Works
Typically, the victim receives a message from a known contact or a trusted-looking number. The message often says something like, “Hey, I saw a photo of you online. Is this you?” along with a suspicious link.
Once the victim clicks the link, it redirects to a fake webpage resembling platforms like Facebook. To view the photo, the page asks for the victim’s phone number. After the number is entered, the hacker opens WhatsApp Web on their device and enters the same number.
At this point, WhatsApp sends an 8-digit pairing code to the victim’s phone. The fake webpage then asks the user to enter that code, claiming it is needed to verify they are not a robot. The moment the code is entered, the hacker’s device gets linked to the victim’s WhatsApp account.
Dangers of Ghost Pairing
Once access is gained, hackers can monitor chats in real time. They can also download personal photos, videos, and sensitive information, including banking details.
Moreover, attackers often misuse the compromised account to send fraudulent links to the victim’s contacts, spreading malware and creating more victims.
How to Stay Safe
Cyber experts advise WhatsApp users to avoid clicking on unknown or suspicious links, even if they appear to come from trusted contacts. Users should never enter their phone number or verification codes on external websites.
Additionally, it is important to regularly check the ‘Linked Devices’ section in WhatsApp settings. If any unknown device appears, users should immediately log it out.
Enabling Two-Step Verification adds an extra layer of protection, as it requires a PIN before linking any new device. Finally, users should pay close attention to notifications that say “A new device is being linked” and cancel the process if it was not initiated by them.
Stay Alert, Stay Safe
With cyber crimes evolving rapidly, awareness remains the strongest defense. Authorities urge WhatsApp users to stay cautious and report suspicious activity immediately to prevent data theft and financial loss.
