The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity warning to WhatsApp users about a new scam called ‘GhostPairing’.
This trick allows cybercriminals to take full control of accounts without needing passwords or access to the user’s SIM card.
The scam starts with a simple message from a known contact, often saying, “Hi, check this photo,” along with a link. The link looks like it leads to Facebook content. When clicked, it opens a fake page that mimics Facebook and asks the user to verify their phone number to view the photo.
Once the number is entered, a pairing code appears. The page instructs the user to enter this code in WhatsApp in order to continue. In reality, this code links the scammer’s device to the victim’s account through WhatsApp’s legitimate device-linking feature. The hacker then gets remote access to read messages, view photos and videos, and even send texts from the account.
CERT-In says attackers can do such actions from anywhere without the victim noticing right away. The linked device stays hidden until checked manually.
To stay safe, never click unknown links, even from friends. Do not enter your phone number on external sites claiming to be WhatsApp or Facebook. Regularly go to WhatsApp Settings > Linked Devices and log out any unfamiliar sessions.
This alert comes as such scams spread quickly through compromised accounts. Users should remain cautious about protecting their chats and data.