CERT-In warns of 'GhostPairing' hijack targeting WhatsApp users
India's top cybersecurity team, CERT-In, just flagged a new scam called GhostPairing that's targeting WhatsApp users and has the potential to spread globally.
First spotted in Czechia, this trick lets attackers hijack your account—no password or SIM swap needed.
The warning dropped on December 19, 2025.
How GhostPairing actually works
You might get a message from someone you trust saying something like "Hey, I just found your photo!" with a link to a fake Facebook viewer.
If you enter your phone number there, scammers use it to get an official WhatsApp pairing code and then convince you to type that code into your app—making it way too easy for them to sneak in.
Why this matters and how to stay safe
Once inside, attackers can read your chats, download media, and even pretend to be you in groups.
To protect yourself: check WhatsApp's "Linked Devices" for anything suspicious, never share random codes or click weird links—even if they seem legit—and turn on two-step verification for extra safety.