Elon Musk's X to deploy scam kill switch by auto-locking first-time crypto mentioners

The move comes in response to a wave of phishing attacks using fake copyright emails and is the latest in an attempt to shut down crypto-linked scams on the platform.

What to know:

• X will auto-lock accounts posting about crypto for the first time to reduce scam activity, according to its Head of Product Nikita Bier.
• The move comes in response to a wave of phishing attacks using fake copyright emails and is the latest in an attempt to shut down crypto-linked scams on the platform.
• Bier criticized Google for allowing phishing emails through Gmail, failing to protect users on its side.

Social media platform X is preparing a new security measure aimed at shutting down a widespread form of crypto phishing that leverages hijacked accounts to promote scam tokens.

The company will soon auto-lock any account that mentions cryptocurrency for the first time in its history, according to the company’s Head of Product Nikita Bier. Users will need to go through additional verification before being allowed to post again.

Bier said the feature targets the core incentive behind these attacks. “This should kill 99% of the incentive,” he wrote, referring to the current wave of phishing that tricks users into giving up their credentials, then uses their accounts to push crypto scams.

The change was unveiled in response to a detailed firsthand account from an X user who lost control of their account after falling for a phishing email disguised as a copyright violation notice.

The attacker, the user said, used a pixel-perfect fake login page to harvest two-factor codes, then locked the user out and began promoting fraudulent crypto projects from their account.

Crypto scams on X

These types of attacks have been extremely common on X, an inheritance from before it was acquired by Elon Musk and was still called Twitter.

One of the most common tactics is the "double your money" scam, in which users are told to send cryptocurrency in exchange for a promise of more. Others push fake memecoins or fraudulent airdrops, often using hijacked accounts to lend credibility.

Impersonation is one of the most powerful tools. Spoofed accounts impersonating major personalities have repeatedly tricked followers into clicking malicious links that mimic legitimate crypto platforms.

Cryptocurrency transactions are irreversible, so once a user falls for such an attack, their funds are gone.

The most infamous example came in 2020, when hackers accessed Twitter’s internal systems and took control of major accounts, including those of Apple, Barack Obama, and Elon Musk.

They used those accounts to promote a fake bitcoin giveaway, netting over $100,000 before the posts were removed. That breach, carried out through social engineering against Twitter employees, resulted in the hacker receiving a 5-year sentence.

X has made several attempts to bolster security. These have included bot purges, API restrictions, and behavioral detection. The latest move to auto-lock accounts that post about crypto for the first time builds on those efforts, aiming to cut off the tactic at its root: by making hijacked accounts useless for scams.

Bier also called out Google for failing to stop phishing emails at the email level, pointing the finger at the tech giant’s share of the responsibility for failing to protect its users from phishing attacks.

More For You

Most crypto privacy models weaken as blockchain data grows. Encryption-based models like Zcash strengthen. CoinDesk Research maps the five privacy approaches and examines the widening gap.

Why it matters:

As blockchain adoption scales, the metadata available to machine learning models scales with it. Obfuscation-based privacy approaches are structurally degrading as a result. This report provides a comprehensive comparison of all five major crypto privacy architectures and a framework for evaluating which models remain durable as AI capabilities improve.

More For You

The conflict centered on a proposal to fund product development and expansion, which ACI opposed due to concerns over self-voting and lack of transparency.

What to know:

• The Aave Chan Initiative (ACI) is shutting down due to a dispute with Aave Labs over transparency and voting power related to a record budget request.
• The conflict centered on a proposal to fund product development and expansion, which ACI opposed due to concerns over self-voting and lack of transparency.

How a Solana feature designed for convenience let attackers drain more than $270 million from Drift

51 minutes ago

Bitcoin trims big loss, stocks erase 2% decline, as Iran signals cooperation on key shipping route

52 minutes ago

Crypto for Advisors: Crypto custody’s evolution

1 hour ago

North Koreans hackers likely behind $286 million Drift Protocol exploit: Elliptic

1 hour ago

Oil shock, Iran war risk keep crypto investors on sidelines: Grayscale

2 hours ago

The 'time pain' trap: why bitcoin’s bear market might need a few more months of ‘boring’ to hit a true floor

2 hours ago

Coinbase’s AI payments system joins Linux Foundation, gathers support from Google, Stripe, AWS and others

3 hours ago

SoFi announces 24/7 banking hub that blends traditional cash with crypto

4 hours ago

The bitcoin treasury boom is unwinding as some companies and governments sell holdings

6 hours ago

Solana DeFi platform Drift confirms 'active attack' as more than $200 million leaves platform

21 hours ago

Three key signals to watch as bitcoin whipsaws on Trump’s Iran rhetoric

10 hours ago

Bitcoin’s crashes are shrinking, and Wall Street is starting to notice

Apr 1, 2026