Wednesday, July 1, 2026
32.2 C
New Delhi

THIS WhatsApp Scam Lets Hackers Read Your Chats Without OTP Or Password

A new and dangerous scam is targeting WhatsApp users by misusing the app’s device-linking feature. Cybersecurity experts have flagged this attack, called GhostPairing, as highly deceptive because it does not involve stealing passwords, SIM cards, or verification codes. Instead, users are tricked into approving access themselves. The scam spreads quietly through trusted contacts and is hard to notice once activated.
Experts warn that this method exposes serious risks in how people understand device-pairing features on popular messaging apps.

GhostPairing WhatsApp Scam Explained: How Accounts Get Hijacked

According to cybersecurity researchers at Gen Digital, the scam starts with a harmless-looking message from a known contact. Messages like “Hey, I just found your photo!” are designed to spark curiosity. The message includes a link that appears with a Facebook-style preview inside WhatsApp, making it look safe.

When the link is clicked, users are taken to a fake webpage that looks like a Facebook photo viewer. Before showing the image, the page asks users to “verify” their identity. This is where the trap is set. The page secretly initiates WhatsApp’s official device-linking process.

Users are asked to enter their phone number, after which WhatsApp generates a numeric pairing code. The fake site then tells users to enter this code in WhatsApp, claiming it is a normal security step. Once the code is entered, the attacker’s device is approved without the victim realising it.

This gives hackers full WhatsApp Web access. They can read chats, download photos and videos, send messages, and receive new messages in real time. The victim’s phone keeps working normally, making the attack very difficult to detect.

WhatsApp Security Alert: Why GhostPairing Is Hard To Detect

Experts say GhostPairing is especially dangerous because it does not break encryption or exploit software bugs. Everything works exactly as designed. The scam relies purely on social engineering and human trust.

The campaign was first noticed in Czechia, but researchers warn it can spread globally. Once an account is compromised, attackers send the same fake link to the victim’s contacts and group chats, allowing the scam to spread fast through trusted networks.

Linked devices stay connected until users manually remove them. This means attackers can maintain access for long periods without being noticed.

To stay safe, users should regularly check Settings > Linked Devices, remove unknown sessions, avoid entering pairing codes from websites, enable two-step verification, and double-check unexpected messages, even from known contacts. Vigilance remains the strongest defence against such trust-based scams.

Go to Source

Hot this week

Aunt of Venezuelan boy pulled from rubble tells BBC she will give him ‘mother’s warmth’

Alice Cuddy and Mohamed Madi Caracas 33 minutes ago The aunt of a two-year-old boy who was rescued after six days under rubble in Venezuela has spoken to the BBC of her elation at being reunited with her nephew an Read More

Rabbi says AR Rahman’s communal bias claim ‘probably does exist’

Rabbi Shergill says AR Rahman’s communal bias claim ‘probably does exist’, points to The Kashmir Files and The Kerala Story (Image credits: Instagram) Singer-songwriter Rabbi Shergill, best known for Bulla Ki Jaana Read More

Taylor Swift and Travis Kelce’s wedding CONFIRMED!

Taylor Swift and Travis Kelce will have their wedding at Madison Square Garden on Friday night, according to a law enforcement official briefed on the security plans. Read More

ExtraEmily unbanned on Twitch just one day after distracted driving suspension

Image/Instagram Twitch streamer ExtraEmily has been unbanned from the platform just one day after receiving a suspension over a distracted driving incident during one of her livestreams. Read More

YouTuber Stephen McCullagh appeals life sentence after murdering pregnant girlfriend and using fake GTA livestream alibi

Image/X Former YouTuber Stephen McCullagh has filed an appeal against the life sentence he received for the murder of his pregnant girlfriend, Natalie McNally. Read More

Topics

Aunt of Venezuelan boy pulled from rubble tells BBC she will give him ‘mother’s warmth’

Alice Cuddy and Mohamed Madi Caracas 33 minutes ago The aunt of a two-year-old boy who was rescued after six days under rubble in Venezuela has spoken to the BBC of her elation at being reunited with her nephew an Read More

Rabbi says AR Rahman’s communal bias claim ‘probably does exist’

Rabbi Shergill says AR Rahman’s communal bias claim ‘probably does exist’, points to The Kashmir Files and The Kerala Story (Image credits: Instagram) Singer-songwriter Rabbi Shergill, best known for Bulla Ki Jaana Read More

Taylor Swift and Travis Kelce’s wedding CONFIRMED!

Taylor Swift and Travis Kelce will have their wedding at Madison Square Garden on Friday night, according to a law enforcement official briefed on the security plans. Read More

ExtraEmily unbanned on Twitch just one day after distracted driving suspension

Image/Instagram Twitch streamer ExtraEmily has been unbanned from the platform just one day after receiving a suspension over a distracted driving incident during one of her livestreams. Read More

YouTuber Stephen McCullagh appeals life sentence after murdering pregnant girlfriend and using fake GTA livestream alibi

Image/X Former YouTuber Stephen McCullagh has filed an appeal against the life sentence he received for the murder of his pregnant girlfriend, Natalie McNally. Read More

Ukrainian charged in Germany over Nord Stream blasts

Danish Defence Command Parul Gupta 2 hours ago German prosecutors have filed charges against a Ukrainian national over the blowing up of the Nord Stream pipelines under the Baltic Sea in 2022. Read More

US blocks long-term renewal of North American trade deal

Getty Images Francisco Velasquez Business reporter 2 hours ago The US has declined to renew the landmark US-Mexico-Canada Agreement (USMCA) in its current form, according to a senior US official. Read More

Nigeria to seek compensation for property abandoned by citizens fleeing South Africa

Getty Images Makuochi Okafor BBC Africa, Lagos 1 July 2026, 18:40 BST Updated 3 hours ago Nigeria says it will seek compensation from South Africa for its citizens who have left the country following recent protest Read More

Related Articles