Ahmedabad: Cybercrime police in Rajkot have hit upon a sophisticated new scam in which fraudsters exploited the “link device” or “companion mode” feature on the WhatsApp accounts of their victims, mainly elderly people, to commit cyberfraud without needing to use a sim card. This threat, which cybersecurity experts refer to as GhostPairing, uses social engineering to hijack accounts. Social engineering refers to the manipulation of human psychology and error to trick individuals.In one high-profile case in Rajkot, an accountant transferred Rs 25 lakh to an unknown bank account after receiving messages from a hijacked account posing as his employer. “The inquiry revealed that a fraudster had used this modus operandi to access someone’s WhatsApp account and then contacted the accountant using it,” said J M Kaila, police inspector of Cybercrime police station.Kaila said, “The fraudsters first identify people who are less tech savvy, senior citizens who do not much use WhatsApp. They contact them, lure them with some scheme and convince them to scan a QR code or click on a file, and by doing this, they link the victim’s WhatsApp account with their device”. Traditionally, committing cyberfraud requires a physical sim card obtained through forged documents or identity theft. However, this new modus operandi abuses WhatsApp’s “companion mode,” which allows a single account to be accessed across up to five devices — one primary phone and four linked companion devices.The most important characteristic of GhostPairing is its invisibility. Because the victim is never logged out and the phone works normally without login alerts or OTP notifications, the surveillance can continue unnoticed for months. Criminals often monitor account activity silently, waiting for periods of inactivity — such as late at night — to strike.
