Elon Musk’s X to Implement Scam Kill Switch by Automatically Blocking Those Who Mention Cryptocurrencies for the First Time

Social media platform

The company will soon automatically block any account that mentions cryptocurrencies for the first time in its history, according to the company’s head of product, Nikita Bier. Users will need to go through additional verification before being allowed to post again.

Bier said the feature is aimed at the core incentive behind these attacks. “This should kill 99% of the incentive,” he wrote, referring to the current wave of phishing that tricks users into revealing their credentials and then uses their accounts to power crypto scams.

The change was unveiled in response to a detailed first-hand account from a user

The attacker, the user said, used a fake, pixel-perfect login page to collect two-factor codes, then blocked the user and began promoting fraudulent crypto projects from his account.

Crypto Scams on X

These types of attacks have been extremely common on X, a legacy from before Elon Musk acquired the platform, when it was still called Twitter.

One of the most common tactics is the “double your money” scam, in which users are asked to send cryptocurrency in exchange for a promise of more. Others promote fake memecoins or fraudulent airdrops, often using hijacked accounts to lend credibility.

Impersonation is one of the most powerful tools. Fake accounts posing as prominent personalities have repeatedly tricked their followers into clicking on malicious links that imitate legitimate crypto platforms.

Cryptocurrency transactions are irreversible, so once a user falls for such an attack, their funds are gone.

The most egregious example came in 2020, when hackers accessed Twitter’s internal systems and took control of major accounts, including those of Apple, Barack Obama and Elon Musk.

They used those accounts to promote a fake bitcoin giveaway, netting more than $100,000 before the posts were removed. That breach, carried out through social engineering against Twitter employees, resulted in the hacker receiving a 5-year sentence.

X has made several attempts to strengthen security. These have included bot purges, API restrictions, and behavior detection. The latest move to automatically block accounts posting about cryptocurrency for the first time builds on those efforts, aiming to cut the tactic off at its source by making hijacked accounts useless for scams.

Bier also criticized Google for not stopping phishing emails at the email level, pointing out the tech giant’s share of responsibility for failing to protect its users from phishing attacks.
