X Moves to Shut Down Hijacked Account Crypto Scams with Automatic Post Locks
X (formerly Twitter) is now targeting that exact shift. The platform is preparing a mechanism that automatically locks any account the moment it mentions cryptocurrency for the first time, forcing verification before further activity.
The move comes as hijacked accounts have become one of the most reliable distribution tools for scam campaigns. Instead of building credibility from scratch, attackers take over existing profiles through phishing links, often disguised as platform notices or copyright warnings. Once access is secured, the account is repurposed within minutes.
Posts typically promote memecoins, token launches, or “limited” investment opportunities, often linking to external sites that mimic trading platforms or wallet connections. The structure is fast and repetitive. A single post draws initial attention, replies from bot accounts amplify visibility, and direct messages follow to push victims toward deposits.
What makes the tactic effective is not the message itself, but the account behind it. A profile with no prior crypto activity suddenly promoting a token creates a mix of curiosity and misplaced trust. That moment is where most of the damage happens.
By locking accounts at the point of first crypto-related content, X is not trying to judge whether a post is a scam. It is interrupting a pattern. According to Nikita Bier, removing the ability to instantly post after a takeover cuts off the main incentive behind these attacks.
The approach reflects how crypto scams on social platforms are operating today. Campaigns are no longer isolated posts but short-lived bursts of activity, often lasting only minutes before accounts are flagged or access is restored. The goal is to extract funds before that window closes.
The change does not address phishing itself, nor the broader network of impersonation accounts and automated replies that surround crypto discussions. But it targets the conversion point, where a compromised account turns into a live promotion channel.
For users, the pattern remains easy to miss in real time. A familiar account posting about a token for the first time, especially with urgency or limited-time claims, should be treated as a warning sign rather than an opportunity. Links directing to external trading pages or wallet connections remain the primary loss point, and once funds are transferred through crypto rails, recovery is unlikely.
Copyright © 2026 FastBull Ltd
Risk Warning
FX trading is of high risk and may not be suitable for all investors. Leverage will create additional risks and loss. Before trading, please carefully consider your investment objectives, experience level and risk tolerance. You may lose part or all of your initial investment; do not invest money that you cannot afford. Educate yourself about the risks associated with FX trading. If you have any questions, please consult an independent financial or tax advisor. Any data and information are provided "as is" and only for information purpose, not for trading or recommendations. Past performance does not predict future results.
Disclaimer
The data contained in this website may not be real-time and accurate. The data and prices on this site are not necessarily provided by the market or exchange, but may be provided by market makers, so prices may be inaccurate and differ from actual market prices. Namely, this price is indicative price only to reflect market trend, and is unfavorable for trading purpose. The provider of the data contained in the Website shall not be liable for any loss incurred by you as a result of your trading activities or reliance on the information contained in the Website.