WhatsApp users across the UK are being urged to stay vigilant following the discovery of a sophisticated new scam known as 'GhostPairing'. Cybersecurity specialists have uncovered this threat, which allows criminals to hijack accounts and opens the door to serious crimes including impersonation and targeted fraud.
How the 'GhostPairing' Scam Operates
The attack begins with a deceptive message, often appearing to come from a trusted contact. This message typically contains a phrase like "hey, I found your photo" accompanied by a link. Clicking this link redirects the user to a counterfeit website designed to look like Facebook, which prompts them to complete a 'verification' step to view the supposed image.
This verification step is the heart of the scam. Unbeknownst to the victim, the 'verification' is actually a step in WhatsApp's legitimate device-linking process. By entering the pairing code shown, the user inadvertently links the attacker's browser to their WhatsApp account, granting it permanent access as a linked device.
The Severe Consequences of Account Compromise
Once access is granted, the criminal gains ongoing, stealthy entry to the victim's private world. This includes all personal chats, sensitive voice notes, photos, and contact lists. Crucially, this access does not require a password change or trigger an account lockout, meaning victims may remain completely unaware of the breach for months.
This prolonged access creates significant dangers. Experts from the cybersecurity firm Avast, which uncovered the threat, warn that it facilitates impersonation, highly targeted scams against the victim's contacts, and potential extortion using stolen private media. Furthermore, the compromised account automatically helps the scam spread by sending the malicious link to the victim's own friends, family, and group chats.
Essential Steps to Secure Your WhatsApp
Protecting yourself from the 'GhostPairing' threat requires proactive security measures. Users are strongly advised to take the following actions immediately:
- Audit your linked devices. Go to WhatsApp → Settings → Linked Devices and review the list. Immediately remove any device you do not recognise.
- Be extremely wary of QR or pairing code requests. Treat any request from a website asking you to scan a WhatsApp QR code or enter a pairing code as highly suspicious. This is not a standard security practice for viewing images.
- Activate two-step verification. Enable this feature in your WhatsApp settings. It adds an essential extra layer of security by requiring a PIN when registering your phone number with WhatsApp again.
- Share awareness. Discuss this scam with family, friends, and in group chats to help prevent others from falling victim.
The discovery of the 'GhostPairing' scam, reported on 19 December 2025, serves as a critical reminder that even platforms with robust encryption can be compromised through social engineering. Staying informed and practising good digital hygiene is your best defence.