WhatsApp messaging scam steals your personal data
WhatsApp users are being targeted by scammers in a new “GhostPairing” attack. Recently uncovered by cybersecurity brand Avast, this new scam convinces users to grant attackers access themselves, and it can be months before the individual is aware that anything has happened.
Rather than stealing passwords, as has been typical with these types of scams in the past, experts are warning that it can even lead to deeper fraud, as the scammer’s access to private conversations, voice notes, and photos creates opportunities for impersonation, targeted scams, and extortion.
How “GhostPairing” works
The scam begins with the victim receiving a message from a trusted contact, typically something along the lines of “hey, I found your photo” accompanied by a link.
When users tap the link, they’re then shown a fake Facebook-style page that asks them to “verify” before viewing the image. What appears to be a harmless security step is actually WhatsApp’s own device-linking flow.
By entering a legitimate pairing code, victims unknowingly add the attacker’s browser as a linked device, granting criminals ongoing access to messages, photos, and contacts without requiring a password change or account lockout.
Compromised accounts then send messages to friends, family, and group chats, allowing the scam to spread organically.
How WhatsApp users can avoid this scam
There are a few things that can be done to prevent scammers from pairing with your WhatsApp account:
- One step is to check WhatsApp → Settings → Linked Devices and remove anything unfamiliar.
- Treat any request from a website to scan a WhatsApp QR code or enter a pairing code as suspicious.
- Enable two-step verification and share awareness with family and group chats.
