Elon Musk’s X is rolling out a new “kill switch” aimed squarely at the platform’s rampant crypto scams: accounts that post about cryptocurrency for the first time in their history will be auto-locked and forced through verification before the post can go live.
The change was confirmed by X Head of Product Nikita Bier in an April 1 reply to Predictfully founder Benjamin White, who recently had his account hijacked after responding to a phishing email disguised as a copyright notice. White’s account — taken via a fake login page that captured both his password and his two-factor code in real time — was immediately used to push fraudulent crypto promotions, a classic pattern among organized scam networks on X.
“We are in the process of implementing auto-locking + verification if a user posts about cryptocurrency for the first time in the history of their account. This should kill 99% of the incentive, especially since Google isn’t doing shit to stop the phishing,” Bier wrote, framing the feature as a targeted strike at the economic motive behind most account-takeover fraud on the platform.
Why this matters
- The auto-lock targets a near-universal signature of crypto scam campaigns: accounts with no prior crypto history suddenly posting promotional or transactional crypto content.
- By inserting verification at that precise moment, X is adding friction where hijacked accounts are normally weaponized, rather than trying to police every crypto conversation.
- The mechanism reportedly won’t affect established accounts that already have a history of discussing cryptocurrency.
Context: scams have been rising
Scam activity on X has been escalating into 2026. In March, on-chain investigator ZachXBT exposed a coordinated cluster of more than ten accounts that used war-related panic posts to funnel victims to fraudulent crypto schemes — on-chain data suggested the campaign netted six figures. And in September 2025, X disclosed a bribery ring that paid intermediaries to reinstate suspended crypto-fraud accounts, a revelation that triggered legal action by the company.
Limitations and the broader problem
Bier acknowledged a key weak link remains outside X’s control: phishing delivery via email providers. The hijack chain typically begins with a malicious email that lures users to a fake login page — a step X can’t directly prevent. Bier’s comment singled out Google for not doing enough to stem phishing, underscoring that platform-level defenses must be paired with better email security and user vigilance.
What this could mean for users and scammers
If the auto-lock performs as promised, it could drastically reduce the profitability of hijacking established accounts for one-off crypto shill posts, forcing scammers to adapt or abandon that tactic. For users, it should reduce the visibility of compromised accounts being used to push scams — but it won’t stop phishing itself, so strong personal security practices (unique passwords, hardware 2FA, and skepticism toward urgent copyright or security emails) remain essential.
X’s move is a focused, pragmatic effort to cut off a highly profitable fraud vector. Whether it truly eliminates “99%” of the incentive will depend on deployment details and whether other parts of the fraud supply chain — notably phishing delivery — are addressed by the wider tech ecosystem.
Read more AI-generated news on: undefined/news
