New Delhi: A new scam tabbed GhostPairing is quietly targeting WhatsApp users wideness India and beyond. Unlike typical hacks, it doesn't steal your password or require a SIM swap. Instead, fraudsters trick victims into linking their WhatsApp worth to a subconscious device using the app's normal features, without any obvious alert.
The scam often starts with a simple message from a contact you know. It might say something like "Hey, I just found your photo!" and include a link. If you click it, you're led to a fake page that looks familiar, often mimicking Facebook. There, you are asked to "verify" surpassing viewing the photo. That prompt is the trap.
Why don't users notice the hack?
Once you enter your phone number and the verification code, you unknowingly legitimatize the attacker's device as a linked WhatsApp session. WhatsApp then treats it like any normal WhatsApp Web connection. The scam doesn't log you out or transpiration anything obvious. Your chats, photos and voice messages protract to towards as usual, plane while a criminal watches them from afar.
Authorities say this is what makes GhostPairing expressly dangerous. There's no sign of forced logout or alert. Many victims realise only when strange messages are sent from their worth or private data leaks.
How are scammers pushing links?
Experts point out that GhostPairing thrives on social engineering, using messages that finger personal and harmless. Since the links often come from someone you know, users click without thinking. Scammers moreover tailor the fake pages to squint trustworthy, increasing the odds of victims pursuit the steps needed to link the attacker’s device.
What can you do to stay safe?
Cybersecurity authorities including India’s Indian Computer Emergency Response Team (CERT-In) are urging users to be uneaten cautious:
- Don't click unexpected links, plane from friends or family.
- Never enter your phone number or WhatsApp codes on external sites.
- Regularly trammels 'Linked Devices' in WhatsApp settings and remove anything unfamiliar.
- Enable two-step verification for uneaten protection.
