Scam: How is WhatsApp being hacked without an OTP or password? The GhostPairing scam has been revealed..
WhatsApp GhostPairing Scam: If you use WhatsApp for messaging and chatting, this news is for you. A new and dangerous cyber fraud has emerged for WhatsApp users, called the GhostPairing Scam. In this scam, hackers gain complete control of an account without needing an OTP, password, or even stealing the SIM card. According to a report by cybersecurity firm Gen Digital, this exploit doesn't rely on a technical bug, but rather on user negligence and trust. Once the account is linked, the hacker can access all chats via WhatsApp Web.
What is the GhostPairing Scam and how does it work?
The GhostPairing Scam misuses WhatsApp's official linked devices feature. The hacker tricks the user into linking a new device to their account themselves. Since this process happens within WhatsApp, no OTP or password is required. As soon as the device is linked, the hacker gains full access to WhatsApp Web.
How does this scam begin?
This scam usually starts with a message from a trusted contact, such as "Hey, I just found your photo!". The link provided with the message appears in WhatsApp with a preview similar to Facebook, which doesn't raise suspicion. The user clicks on the link and is redirected to a fake webpage that looks like a genuine photo viewer.
How does fake verification lead to account linking?
The fake website asks the user to verify themselves before viewing the photo. The user is asked for their phone number, and a numeric pairing code is generated. The user is instructed to enter this code into WhatsApp, which is presented as a normal security process. As soon as the code is entered, the hacker's browser is approved as a linked device.
How to protect yourself
Users should regularly check their Linked Devices in Settings and immediately remove any unknown devices. Never enter a QR code or pairing code received through a website or message into WhatsApp. Always keep Two-Step Verification enabled and do not click on links in unexpected messages without verifying them. Vigilance is the strongest way to protect yourself from the WhatsApp GhostPairing Scam.
Disclaimer: This content has been sourced and edited from TV9. While we have made modifications for clarity and presentation, the original content belongs to its respective authors and website. We do not claim ownership of the content.
