In the present online atmosphere, cybercriminals keep discovering new ways of conducting their scams. There has been a recent scam that targets WhatsApp users by taking advantage of the “linking the device” feature. Cybercriminals have named the technique Ghost Pairing, according to security professionals. Using this technique, hackers can connect with WhatsApp accounts without stealing passwords, SIM cards, or-phone verification codes.
How Ghost Pairing Works
- Ghost Pairing is based on social engineering. Hackers deceive users into associating their WhatsApp account with their fake device. This common scam starts with a message from a trusted contact. This message could read, for example, “Hey, I just found your photo.”
- On clicking the link, a mock webpage opens. This webpage contains what appears to be a picture viewer of the Facebook kind. This webpage prompts the user for completion of a verification process. This webpage, despite its looks, initiates the process of pairing devices in the background. This webpage also prompts the user for his phone number.
- The numeric code pairing code will be created. The rip-off page will ask the user to key in the code on WhatsApp. The user will be made to believe that the process is a security test. After the code entered, the account will be associated with the scammer’s smartphone.
What happens after pairing?
After the device is connected, the attacker accesses the WhatsApp Web. The attacker can view private messages and even communicate through the account. The recipients of the messages may believe the messages because they could be real. The victim often will not realize that the account has been accessed.
The Origins and Spread of the Scam
First reported in the Czech Republic, Ghost Pairing was identified. According to experts, the threat may proliferate further. Attackers could use hacked accounts to provide victims with links via contacts. The connected device will be active until a user manually removes it.
What Makes This Scam So Successful
This scam does not take advantage of weaknesses in software. It depends on human behavior. Scammers use trust, fear, and urgency in order to trick victims. This approach is called social engineering. Scammers use user behavior in order to trick victims into granting access without realizing it.
How to Protect Your WhatsApp Account
- Check the "Linked Devices" section in WhatsApp settings on a regular basis
- Any device that you don’t recognize should be removed
- Do not scan any QR codes or enter pairing codes for unknown links
- Validate unexpected messages, even if they are from trusted contacts Add two-step verification feature for enhanced safety
Tags Cloud
