X, the social media platform owned by Elon Musk, plans to automatically lock accounts that post about cryptocurrency for the first time. The feature aims to curb a surge in phishing attacks using hijacked accounts to promote crypto scams.
Singapore Summit: Meet the largest APAC brokers you know (and those you still don't!)
Head of Product Nikita Bier confirmed the move, saying the company is implementing “auto-locking and verification” for users who mention crypto for the first time. Those accounts will remain locked until verification is complete. “This should kill 99% of the incentive,” Bier said, noting that many hackers target accounts mainly to spread fraudulent crypto schemes.
Response to Rising Phishing Attacks
The change follows a wave of attacks that use fake copyright violation emails to trick users into revealing login and two-factor authentication details. Stolen accounts are then used to promote fraudulent projects, tokens, or giveaways.
- Elon Musk Hits $600 Billion Net Worth as SpaceX IPO Buzz Builds
- Elon Musk Hits Almost $500 Billion and the Blowback Starts
- Elon Musk Buys $1 Billion of Tesla Stock. Retail Traders Get Signal.
Earlier, Bier stressed that he “genuinely want(s) crypto to proliferate on X,” but drew a hard line against products that “create incentives to spam, raid, and harass,” saying they worsen the experience for millions of users while benefiting only a small group of promoters. He framed the company’s latest safeguards as an attempt to preserve X as a viable home for legitimate crypto activity without letting growth tools turn into a subsidy for coordinated abuse.
You may also like: Crypto Fraud Tops UK Agenda as £14B Losses Spur New Strategy
The move comes as X grapples with what analysts have branded a mounting “bot crisis,” with AI-driven scam accounts exploiting the platform’s recommendation algorithms to push deepfake-heavy crypto fraud and fake trading tools at scale.
In late 2025, the company also said it had dismantled a bribery network tied to crypto scam accounts, after suspended users allegedly tried to pay middlemen to bribe insiders and restore handles previously used to promote high-risk tokens and giveaways.
Besides that, phishing and crypto-related scams have plagued X since its days as Twitter. Impersonators posing as public figures or companies often lure victims into sending digital assets, which cannot be recovered once transferred.
One of the most notable incidents occurred in 2020, when hackers accessed Twitter’s internal systems and used verified accounts to promote a fake Bitcoin giveaway, stealing over $100,000, Coindesk reported.
Broader Push for Platform Security
X has increased efforts to prevent such activity, introducing stricter API limits and expanding bot detection. Bier criticized Google for not blocking phishing emails that reach users’ inboxes, saying Gmail’s lax filtering still exposes users to risks.
The new auto-lock policy is now set to build on X’s broader security improvements and could sharply reduce the use of compromised accounts for crypto scams.
