X Platform Introduces Automatic Lockout for New Crypto Mentions to Combat Scams

X, the social media platform, is rolling out a security measure against a prevalent form of cryptocurrency phishing that uses hijacked accounts to promote scam tokens. According to Nikita Bier, X's Head of Product, the platform will automatically lock any account the first time it mentions cryptocurrency, and the account holder must complete additional verification to regain posting privileges. The measure targets the primary incentive behind these phishing attacks, which trick users into surrendering their credentials and then use the compromised accounts to promote fraudulent crypto schemes. Bier said the feature should eliminate 99% of the incentive for these attacks.

The decision was made in response to a detailed account from an X user who lost control of their account after falling for a phishing email disguised as a copyright infringement notice. The attacker used a fake login page to harvest the user's two-factor authentication codes, locked the user out, and began promoting fake crypto projects from the account.

Such attacks have long been common on X, a problem inherited from its predecessor Twitter. Tactics include the "double your money" scam, in which users are promised more cryptocurrency in return for sending some, and fake memecoins or airdrops, often promoted through hijacked accounts. Impersonation is a powerful tool: spoofed accounts mimicking major personalities trick followers into clicking malicious links that resemble legitimate crypto platforms. Because cryptocurrency transactions are irreversible, a user who falls for an attack has no way to recover the funds.

A notable example occurred in 2020, when hackers gained access to Twitter's internal systems through social engineering of Twitter employees and took control of major accounts, including those of Apple, Barack Obama, and Elon Musk, to promote a fake bitcoin giveaway. The scam brought in over $100,000 before the posts were removed, and the hacker received a five-year sentence for the breach.
X has made several earlier attempts to improve security, including bot purges, API restrictions, and behavioral detection. The latest move, auto-locking accounts that post about crypto for the first time, aims to cut the scam off at its root by making hijacked accounts useless for promoting fraudulent tokens. Bier also criticized Google for not stopping phishing emails at the email level, arguing that the company has a responsibility to protect its users from phishing attacks.