If you use WhatsApp, you may be targeted by scammers looking to take over your account by pairing their browser to your number. This scheme, dubbed GhostPairing by researchers, uses WhatsApp's device linking process to allow fraudsters to access all of your messages, impersonate you in chats, and perpetuate the scam to your contacts. Here's how threat actors are hijacking WhatsApp accounts—and how to defend yours.
WhatsApp allows users to link their desktop or browser to their account without needing to enter login credentials in one of two ways: scanning a QR code and approving the session or confirming a numeric pairing code in the mobile app. While the GhostPairing scam could theoretically manipulate users in either approach, researchers found that the latter is much more common.
The fraud begins with a short message sent from a contact with a link that purportedly goes to a Facebook photo or some type of Facebook content. If you click through, you'll be directed to a spoofed Facebook login page to enter your phone number—a familiar confirmation flow for Meta platforms. The next screen will likely show a numeric code with instructions to enter said code into WhatsApp to confirm the login (again, this may feel like a familiar two-step verification). If you're not paying attention, you may not realize that this didn't do anything on your end but instead registered the attacker's browser as a linked device to your account.
The danger in this scam is that everything will seem normal on your device and in your account, as attackers haven't hijacked your credentials to lock you out. However, they can do anything and everything in WhatsApp that you can, such as reading chats, receiving messages, viewing and downloading media, collecting information from your contacts, and forwarding the same phishing link. As they learn more about you and the people you know, they can potentially use that for ongoing scams.
How to protect your WhatsApp account
As always, be wary of links received via messaging platforms, even if they seem harmless or you think you know and can trust the sender. Threat actors frequently use social media and direct messaging to spread phishing lures. If you do click a link in WhatsApp (or any other communication), read all prompts carefully before providing or verifying any information to identify scams.
To protect your WhatsApp account specifically, you can set up two-step verification, which will also prevent attackers from adding or changing a connected email address. Go to Settings > Account > Two-step verification > Turn on or Set up PIN and add an email address when prompted. You can also check to see if there are any suspicious devices paired with your account under Settings > Linked devices and remove any you don't recognize or regularly use.
Finally, if you have been targeted by this scam, let your WhatsApp contacts know, as threat actors may spread the malicious link by making it look like it came from you.
Hence then, the article about ghostpairing attacks are taking over whatsapp accounts was published today ( ) and is available on Live Hacker ( Middle East ) The editorial team at PressBee has edited and verified it, and it may have been modified, fully republished, or quoted. You can read and follow the updates of this news or article from its original source.
Read More Details
Finally We wish PressBee provided you with enough information of ( 'GhostPairing' Attacks Are Taking Over WhatsApp Accounts )
Also on site :
- Samsung Plans to Bring Google Photos to Samsung AI TV Lineup, Helping Users Relive Their Favorite Memories on the Big Screen
- Hilton assisted living facility evacuated overnight due to water leak
- Quantum Computing in Financial Services Market Set to Reach USD 6.3 Billion by 2032 as Banks Move from Experimentation to Quantum Advantage .. DataM Intelligence