Whatsapp Scam: A new and dangerous cyber scam has emerged for WhatsApp users which is being called Ghost Pairing. This fraud is considered more dangerous because in this neither OTP is required, nor the password is stolen nor the SIM is swapped. Despite this, the fraudsters gain complete control over the victim’s WhatsApp account.
Why did the government issue the warning?
CERT-In (Indian Computer Emergency Response Team), an organization working under the Government of India, has issued an alert regarding this new threat. According to CERT-In, cyber criminals are misusing the device linking feature of WhatsApp and forcing users to fraudulently give access to their accounts.
How does GhostPairing scam work?
The biggest trick of this scam is social engineering, that is, the user himself is instigated to commit a mistake. According to CERT-In, attackers take advantage of WhatsApp’s Link a device feature to hijack accounts, that too without any additional authentication.
It has been told in the government advisory that with this method, cyber criminals can take control of the entire WhatsApp account while the user does not even know what is happening.
How do people fall into this trap?
According to CERT-In, victims often receive a message like “Hi, look at this photo.” This message may come from a contact the user trusts, or at least appears to do so. There is also a photo preview along with the message which makes it look real.
The game starts as soon as you click on the link
As soon as the user clicks on that link, he is taken to a web page where he is asked to verify his identity to view the photo. This is the moment when WhatsApp’s device linking process becomes active in the background.
One click and the account gets hacked
If the user unknowingly approves this request, the fraudster’s browser gets connected to the victim’s WhatsApp account. After this the attacker can access that account from his device, read the messages and send messages to others.
Why is this scam so dangerous?
The scariest thing about GhostPairing scam is that it does not require any technical hacking. The user himself gives access unknowingly, which puts the account in complete danger.
What precautions should be taken?
After the government’s warning, it is clear that WhatsApp users should be extremely cautious before clicking on any unknown link, even if the message comes from a known contact. A little carelessness can put your entire digital life in trouble.
Also read:
Google Assistant’s holiday decided? Know when Gemini will be completely replaced
