April 04, 2026 ChainGPT

Elon Musk’s X auto-locks accounts on first crypto post to thwart hijack-to-pump scams

Elon Musk’s X is rolling out a new safety measure aimed squarely at one of crypto’s most damaging abuse patterns: account takeovers used to pump scam tokens. The platform will now automatically lock any account the first time it posts about cryptocurrency, forcing a quick verification step before posting can resume. The move is intended to cut off an attacker’s ability to monetize hijacked accounts through fake giveaways, memecoins and other frauds that exploit follower trust.

How it works

- The auto-lock is triggered on an account’s first-ever crypto-related post.
- Once triggered, the account is locked and the user must complete an extra verification step to regain posting access.
- X says legitimate users should be able to unlock their accounts quickly after verification.

Why X is doing this

X engineers designed the change to blunt a common phishing playbook: attackers trick victims into revealing credentials (often via pixel-perfect fake login pages), harvest passwords and two-factor codes, lock the rightful owner out, and immediately use the account’s credibility to promote scam tokens.

“This should kill 99% of the incentive,” Bier wrote in response to a user who described losing control of their profile to a phishing email disguised as a copyright notice. Bier also publicly called out Gmail, alleging that email providers aren’t doing enough to stop phishing campaigns from reaching users: “Google isn’t doing shit to stop the phishing,” he wrote, framing the auto-lock as a workaround for threats that originate outside X’s control.

Context and limitations

Crypto-linked account hijackings have been a persistent problem since Twitter days, and the Federal Trade Commission has documented that social-media crypto scams have ballooned into a multi-billion-dollar abuse vector. Hijacked accounts are especially valuable because their established follower trust converts almost immediately into funds funnelled on-chain — a nearly irreversible outcome for victims.
The auto-lock builds on prior X efforts to fight mention-spam and coordinated crypto-promotion behavior, but it’s not a cure-all. Critics note the feature only intervenes after an account posts about crypto — by then the account holder may already have been phished. If email providers and other upstream services don’t do more to block phishing at the source, that attack chain remains intact. The policy may also create short-lived friction for legitimate long-time users who post about crypto for the first time, though X says the verification process will be brief for genuine accounts.

Why it matters now

Overall crypto-related hack and phishing losses have eased in recent months — February 2026 logged the lowest monthly total since March 2025 — but the $285 million Drift Protocol exploit this week underscores that headline risks remain. X’s auto-lock tackles a high-volume and high-impact vector: it severs the quick path from account hijack to on-platform promotion of scams, reducing the payoff that makes these attacks lucrative. The measure won’t eliminate crypto fraud, but it could significantly raise the bar for attackers who rely on hijacked social accounts to turn trust into quick, on-chain cash-outs.