
New WhatsApp Scam: GhostPairing Hijacks Accounts

A new cyberattack, dubbed GhostPairing, exploits WhatsApp's linked devices feature to compromise user accounts without needing a password. Identified by Gen Digital researchers, this social engineering tactic tricks users into granting unauthorized access.

How GhostPairing Works:

The scam starts with a message from a known contact, claiming to have found a photo of you and pointing to a fake Facebook link. Clicking the link takes you to a fraudulent page that requests your phone number. The page then displays a genuine pairing code generated by the attacker, and you are persuaded to enter this code into your own WhatsApp app to "access" the content.

Once the code is entered, the attacker gains full WhatsApp Web access to your account: reading conversations, opening files, and even sending messages from your account. Because your mobile app remains functional, victims often don't immediately realize their account is compromised.

Spreading Rapidly:

GhostPairing utilizes various domain names like photobox.life and yourphoto.world, which are frequently changed to evade blocking.

Protection Tips:

  • Activate Two-Step Verification: Add an extra layer of security to your account.
  • Check Linked Devices: Regularly review and disconnect any unrecognized devices in your WhatsApp settings.

This scam highlights the importance of vigilance against social engineering tactics.