Desk: If you use WhatsApp for messaging and chatting then this news is for you. A new and dangerous cyber fraud has emerged for WhatsApp users, which is being called Ghost Pairing Scam. In this scam, hackers gain complete control of the account without stealing OTP, password or SIM card. According to the report of cyber security firm Gen Digital, it is not any technical bug but the carelessness and trust of the user is taken advantage of. Once the account is linked, the hacker can access all the chats through WhatsApp Web.
GhostPairing Scam misuses the official linked device feature of WhatsApp. In this, the hacker himself persuades the user to link a new device to his account. Since this process happens within WhatsApp itself, no OTP or password is required. As soon as the device is linked, the hacker gets complete access to WhatsApp Web.
This scam usually starts with a message from a trusted contact, like Hey, I just found your photo!. The link given with the message appears in WhatsApp with a Facebook-like preview, which does not raise suspicion. The user clicks on the link and is taken to a fake webpage, which looks like the real photo viewer.
Fake website asks to verify the photo before viewing it. Here the phone number is asked from the user and a numeric pairing code is generated. The user is asked to enter this code in WhatsApp, which is said to be a normal security process. As soon as the code is entered, the hacker’s browser is approved as a linked device.
Users should regularly check Linked Devices by going to Settings and remove any unknown devices immediately. Never enter the QR code or pairing code received through any website or message in WhatsApp. Keep Two-Step Verification on and do not click on the link without verifying the sudden message. Vigilance is the strongest way to protect against WhatsApp Ghost Pairing Scam.
Comments are closed.