WhatsApp users are being warned about a new and dangerous cyber fraud known as “Ghost Pairing,” which allows hackers to take control of accounts without directly compromising the app’s security systems.
According to cybersecurity experts, attackers exploit WhatsApp’s linked devices feature to gain full access to a victim’s account. Once compromised, hackers can read messages, view media files, and impersonate the user without triggering obvious alerts.
The scam usually begins with a fake link that closely resembles a trusted website. Victims receive the link through messages or social media. When users click the link and enter their mobile number and one-time verification code, they unknowingly link their WhatsApp account to the hacker’s device. In many cases, the victim receives no clear warning during this process.
⚠ ALERTA ESTAFAS: ¿QUÉ ES GHOST PAIRING?
👉 Una modalidad de fraude está circulando en WhatsApp. Permite a delincuentes acceder a cuentas sin bloquear al usuario, espiando sus conversaciones y datos personales.
👉 Seguí en #ArrancaLaTardeEnA24 pic.twitter.com/p7bvzw2ZOS
— A24.com (@A24COM) January 1, 2026After gaining access, attackers can monitor private conversations and download photos, videos, and voice notes. They can also send messages using the victim’s identity, enabling the scam to spread quickly to friends and family.
Cybersecurity specialists emphasise that this method is especially dangerous because it relies on user trust rather than on technical vulnerabilities. The linked devices themselves remain secure when used correctly, but careless sharing of verification codes creates a serious risk.
Read: New ‘GhostPairing’ WhatsApp Scam: How to Check & Secure Your Account
To stay protected, users are advised to regularly review the linked devices section in WhatsApp settings and remove any unfamiliar devices immediately. Activating two-step verification with a six-digit PIN adds another critical layer of security.
Una nuova campagna minaccia gli account WhatsApp. Si tratta del GhostPairing, un'acquisizione fraudolenta attraverso cui gli hacker si appropriano degli account nell'app di messagistica ▶️ 🔗 https://t.co/UuZ5Yc9OGa pic.twitter.com/9ce4tcn6Cn
— Sky tg24 (@SkyTG24) December 30, 2025Experts also urge users to stay alert when receiving links, even if they appear to come from known contacts. Users should never enter their phone number or verification code on unknown websites. When in doubt, verify by phone or message.
By staying cautious, monitoring linked devices, and using built-in security tools, users can significantly reduce the risk of falling victim to Ghost Pairing and similar cyber scams.
