X Plans Auto-Lock Feature for First-Time Crypto Posts to Limit Phishing Scams

TLDR

• X plans to auto-lock accounts that mention crypto for the first time.
• Locked users will need extra verification before posting again.
• The move targets hacked accounts used to promote scam tokens.
• X says the feature is aimed at reducing crypto phishing campaigns.
• Critics say legitimate first-time crypto posts could be flagged.

X is preparing a new account security feature aimed at reducing a common form of crypto-related phishing that relies on hacked profiles to promote fraudulent tokens and links. According to statements from X Head of Product Nikita Bier, the platform will soon automatically lock any account that mentions cryptocurrency for the first time in its posting history. The account holder will then need to complete additional verification before posting again.

The planned measure comes as crypto-phishing campaigns continue to target social media users, especially on large platforms, where compromised accounts can quickly reach wide audiences. In many cases, attackers gain control of established profiles and use their credibility to promote scam tokens, fake airdrops, or links to fraudulent websites. By limiting first-time crypto posts from accounts with no prior history on the topic, X aims to make hijacked profiles less useful to scammers.

Bier said the feature is designed to remove the main incentive behind these attacks. He made the comment in response to a user account describing how a phishing email disguised as a copyright notice led to a stolen login session. The user said the attacker used a fake sign-in page that closely resembled the real one, collected two-factor authentication codes, and then took over the account to promote fraudulent crypto content.

New Rule Targets a Common Scam Method

Crypto scams promoted through compromised social media accounts have been active for years and remain among the most visible threats to retail users online. One widely used method is the “double your money” scheme, in which victims are told to send cryptocurrency with the false promise of receiving a larger amount in return. Other scams promote fake meme coins, token launches, and counterfeit airdrops designed to extract wallet credentials or direct payments.

Impersonation also remains a major part of the problem. Attackers often create or seize accounts that appear to belong to public figures, companies, or known members of the crypto sector. Those accounts may share links that appear legitimate, but instead lead users to phishing pages or fraudulent token offers. Because crypto transactions usually cannot be reversed, losses from these schemes are often permanent once funds are transferred.

X has introduced other anti-abuse steps in recent years, including bot removals, tighter API controls, and systems that monitor suspicious behavior. The new auto-lock feature expands those efforts by focusing on abrupt changes in posting behavior. An account that suddenly begins discussing cryptocurrencies for the first time may now face temporary restrictions until the platform confirms the user’s identity.

Verification Measure May Affect Some Legitimate Users

The approach is intended to disrupt scam campaigns before they spread, but it may also affect legitimate users who post about digital assets for the first time. Some critics have said the rule could lead to false positives if normal user activity is treated as suspicious by default. That concern may be especially relevant during periods of strong market interest, when new users begin discussing crypto topics more often.

Supporters of the change say extra verification is a practical step given the volume of account takeovers tied to scam promotions. A temporary lock could slow malicious activity at the point where attackers try to use a trusted profile to attract attention and build credibility. For platforms dealing with fast-moving financial scams, speed is often central to limiting exposure.

Bier also criticized Google for phishing emails, saying email providers share responsibility when deceptive messages reach users and result in stolen credentials. His comments linked the account takeover problem to broader weaknesses in phishing prevention that extend beyond social platforms.

The post X Plans Auto-Lock Feature for First-Time Crypto Posts to Limit Phishing Scams appeared first on CoinCentral.