For years, we’ve been told our phone is where security codes will be sent. Now scammers have worked out how to intercept them, and they don’t even need to do much. With a few words and maybe a button press or two, a scammer could find their way into your account, and you’d be none the wiser.
It’s an approach anyone with a WhatsApp account will want to hear about, and given there are over three billion people using WhatsApp monthly, it’s possibly information that everyone will want to know about.
What is “Ghost Pairing” and why is it a danger to WhatsApp account holders?
What is Ghost Pairing?
Your account details, messages, photos, and friends are yours and yours alone. With the end-to-end encryption offered by Meta’s technology in WhatsApp, the point is that they’re not shared with anyone who shouldn’t be there.
You can talk to friends and family, converse with groups, and even use WhatsApp as a way to replace text messaging depending on what you’re doing, or even where in the world you might be travelling to.
Given that mobile data can be easier to deal with on international trips than a new phone number, it’s no wonder that people often direct others to contact them on WhatsApp. It’s just more reliable.
But it’s also a treasure trove for scammers and criminals, especially if you use it to receive authentication triggers, like those used in multi-factor authentication. If you rely on WhatsApp for anything in the world of security, criminals would love to gain access, and the contacts stored in your account make it easier for them to reach more unsuspecting victims.
Ghost pairing effectively gives a criminal access by linking your account with another device or computer, something WhatsApp allows because it can link with your phone, tablet, and laptop to use it from any one of those devices. Yet instead of having your own devices be linked, ghost pairing means someone you don’t know is linked to your account, giving them access to your account, as well.
How does someone gain access to your WhatsApp account?
You may not recall giving anyone else access, but in ghost pairing, that’s largely the point. The ghost is the scammer, and they’re pairing without you being any wiser.
It all starts with a message, often from someone you already know. That’s the lure, with a contact reaching out including a link to something that seems rather innocuous: could you vote for my kid, or come check out this photo. Words like that.
From there, the site looks like a regular social page, but it’s actually an attempt at phishing, asking you to log in or verify your device. Those actions basically connect your account to someone else, with the scammer gaining access and downloading your account directly to their device.
They may not use anything at first, but they can see it all.
“It is highly effective because it does not rely on technical hacking, but on trust and familiarity,” Stephen Kho, a Security Expert at Avast, told Pickr, noting that over 90 percent of scams like this are being driven by social engineering and work between devices and browsers.
“Because WhatsApp pairing is a real feature, users are tricked into approving access themselves, which makes it especially difficult to detect in the moment,” he said.
How to stay on the defensive for ghost pairing
While it can be difficult to pick up on, especially given the element of trust, staying aware of what can happen is important, particularly if it means being suspicious of links, surveys, and messages that come in.
When links come in using WhatsApp, or any social platform for that matter, consider looking at the URL carefully.
Remember that scammers use the same processes each and every time, and can’t actually use the real www-dot-whatever domain name of the real networks. A scammer can’t make a page on Facebook, Meta, WhatsApp, or Instagram. Instead, they’ll often opt for something outlandish and nonsensical hoping you won’t check, or even use something similar with extra letters, such as WhatsApp with an extra two Ps for WhatsApppp.
Scrutinising those links you receive could just save you some heartache, and will make it less likely for you to get caught out with a Ghost Pair.
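The same URL check can be automated. The sketch below is an added example, not code from WhatsApp, Avast, or Pickr: it accepts only the real domain or its subdomains, and flags hosts that merely contain a brand name or a near miss such as extra repeated letters. The list of official domains and the sample links are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: official domains of the brands the article names.
OFFICIAL = {"whatsapp.com", "facebook.com", "instagram.com", "meta.com"}
BRANDS = {d.split(".")[0] for d in OFFICIAL}

def squeeze(label):
    """Collapse repeated letters, so 'whatsapppp' and 'whatsapp' compare equal."""
    return re.sub(r"(.)\1+", r"\1", label)

def edit_distance(a, b):
    """Levenshtein distance, used to catch single-character typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return 'official', 'lookalike', 'unrelated' or 'invalid' for a link."""
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    # Only the real domain or one of its subdomains counts as official.
    if any(host == d or host.endswith("." + d) for d in OFFICIAL):
        return "official"
    # Otherwise a brand name, or a near miss, anywhere in the host is a red flag.
    for label in re.split(r"[.-]", host):
        for brand in BRANDS:
            typo_budget = len(brand) // 6  # 1 for long names, 0 for short ones like 'meta'
            if squeeze(label) == squeeze(brand) or edit_distance(label, brand) <= typo_budget:
                return "lookalike"
    return "unrelated"

if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    for link in ["https://www.whatsapp.com/download",
                 "https://whatsapppp.com/verify",
                 "https://whatsapp.com.vote-photo.example/login",
                 "https://example.org/photo"]:
        print(f"{classify(link):10} {link}")
```

An "unrelated" result only means the host does not imitate one of the listed brands; it says nothing about whether the page itself is safe.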
One last thing: you know what your friends and family sound like, so if you receive a message with a link inside that doesn’t sound like them, don’t bother clicking. Instead, contact them using another method, such as SMS or a phone call, and ask them whether they sent it.
If they didn’t, consider heading to WhatsApp’s “Linked Devices” section and making sure they know each and every device that’s linked up. And if not, remove the ones they don’t know. That’s how you’ll get rid of ghost pairing before it haunts in worse ways.