Meta is raising the stakes in its fight against scammers by deploying new detection systems across Facebook, Messenger, and WhatsApp that flag risky behaviour before users become victims.
The social media giant announced the fresh protections after security researchers uncovered a wave of sophisticated attacks exploiting device-linking features to hijack accounts. According to Meta's safety documentation, scammers have become increasingly skilled at avoiding traditional defences and moving through multiple platforms to evade detection.
WhatsApp users will receive alerts when they attempt to link a new device or share their screen during video calls with unknown contacts. The warnings appear before users complete the action, giving them a chance to reconsider. Meta noted that attackers frequently use device-linking requests as a gateway to account takeover, sometimes pretending to be talent competitions and asking users to enter verification codes after visiting a suspicious website.
On Facebook, new experimental alerts are being tested for suspicious friend requests. These warnings activate when requests come from accounts showing signs of scam activity, such as few mutual friends or unusual geographic locations. The goal is to help users make informed decisions about accepting or rejecting potentially harmful connections.
Messenger's expanded detection system represents a significant upgrade to tools introduced nearly a decade ago. When enabled through privacy settings, the scam detection feature automatically flags suspicious messages from unknown contacts. Users can then choose to submit those messages for AI analysis. If the system identifies potential scams, it educates users about common fraud tactics, including fake job offers promising quick money and investment schemes.
These defences arrive at a critical moment. Recent security research has documented a campaign dubbed "GhostPairing" that tricks WhatsApp users into unknowingly linking attackers' devices to their accounts. The scam begins with an innocent-looking message from a known contact, such as "I found your photo". Clicking the link opens a fake Facebook login page that secretly initiates WhatsApp's legitimate device-linking process. Victims who enter a verification code believe they are completing a standard security check, but instead grant attackers persistent access to their full message history, photos, and contacts.
What makes this attack particularly dangerous is that it does not require stealing passwords or compromising authentication. Criminals exploit WhatsApp's designed feature for connecting Web and desktop versions. Meta's enforcement teams have already removed over 21,000 Facebook accounts impersonating customer support to prevent similar social engineering attacks. The company has also disrupted nearly 8 million accounts associated with criminal scam centres since the start of 2025, many operated from Southeast Asia and the Middle East.
The vulnerability highlights a genuine tension in platform design. Device-linking features provide legitimate convenience for users accessing apps across multiple devices. Scammers have learned to exploit that convenience by manipulating users into completing the process themselves, leaving no trace of forced entry.
Meta's new warnings do not eliminate the underlying risk, but they shift the burden by making suspicious activity visible before damage occurs. Initial detection happens on users' devices to preserve encryption, though submitting messages for AI review does temporarily break end-to-end encryption to allow analysis. The company faces the task of balancing security with privacy, a trade-off that becomes sharper when scammers grow more sophisticated.
For users, the practical advice remains consistent: treat unexpected messages with scepticism, avoid clicking links even from known contacts, and regularly check linked devices in app settings to remove anything unrecognised. The elderly and less technically sophisticated users remain priority targets for these schemes, making education alongside automation essential to reducing the scale of fraud.