Elon Musk’s X Takes Aim at Crypto Scammers With New Account Lock Tool

TLDR

• X will auto-lock accounts that post about crypto for the first time, requiring extra verification before they can post again
• The move targets phishing attacks where hackers hijack accounts to promote fake tokens and scams
• Head of Product Nikita Bier says the feature should “kill 99% of the incentive” for these attacks
• The policy follows a wave of fake copyright emails used to steal login credentials and two-factor codes
• X’s Head of Product also criticized Google for allowing phishing emails through Gmail

Elon Musk’s X is rolling out a new security feature that will automatically lock any account that mentions cryptocurrency for the first time. The account will stay locked until the user completes a verification process.

The move was confirmed by X’s Head of Product, Nikita Bier, on the platform. He said the goal is to cut off hackers who hijack accounts specifically to run crypto scams.

The announcement came after an X user publicly shared their experience of losing account access through a phishing email disguised as a copyright violation notice. The attacker used a fake login page to capture the user’s credentials and two-factor authentication codes.

Once inside the account, the attacker locked out the real owner and started promoting fraudulent crypto projects to the account’s followers.

How the Scams Work

These attacks follow a familiar pattern. A hacker takes over an account, then uses it to push fake memecoins, fraudulent airdrops, or “double your money” crypto offers. The credibility of a real account makes followers more likely to click.

Crypto transactions cannot be reversed, so victims have no way to recover lost funds once they have been sent.

The most well-known example of this type of attack happened in 2020. Hackers broke into Twitter’s internal systems and took over verified accounts belonging to Apple, Barack Obama, and Elon Musk.

Those accounts were used to promote a fake Bitcoin giveaway that collected over $100,000 before the posts were taken down. The hacker behind the attack was later sentenced to five years in prison.

X’s Broader Security Push

X has been working to address scam activity for some time. The company has previously run bot purges, tightened API access, and expanded behavioral detection tools.

In late 2025, X said it had broken up a bribery network connected to crypto scam accounts. Suspended users had allegedly tried to pay intermediaries to bribe X insiders and restore previously banned accounts.

The new auto-lock policy builds on those steps by targeting the scam at its source. If a hijacked account cannot post about crypto without triggering a lock, it becomes much less useful to attackers.

He also criticized Google directly, saying Gmail’s filtering is not stopping phishing emails before they reach users’ inboxes, placing some responsibility on the tech giant.

The auto-lock feature has not yet launched but is described as coming soon.

The post Elon Musk’s X Takes Aim at Crypto Scammers With New Account Lock Tool appeared first on CoinCentral.