Overview
- The BSI issued an active alert about “Ghost Pairing,” which abuses WhatsApp’s Linked Devices feature to take over accounts.
- Scammers drive victims to fake sites that trigger the official pairing flow using an eight‑digit code or deceptive QR prompts.
- Once a secondary device is linked, attackers can read conversations and media while the original app continues to operate normally.
- Compromised accounts may be used for data theft, extortion and further phishing, with some reports noting attempts to lock users out.
- Authorities urge users to ignore unknown links and QR codes, enable WhatsApp two‑step verification, review linked devices, and change passwords if compromise is suspected.