In a fight with crypto scammers, Elon Musk's X platform is preparing a new measure that could make hijacking accounts to promote illicit schemes less appealing.
Company’s Head of Product Nikita Bier said that X is "in the process of implementing auto-locking + verification if a user posts about cryptocurrency for the first time in the history of their account."
According to Bier, "this should kill 99% of the incentive." The Head of Product also criticized Google for failing to prevent phishing emails.
He didn't specify when this new measure might be implemented.
"If you have more than 10k followers and you drop a meme coin without any prior connection to crypto, it is always a hack," Bier said, in a now-deleted post seemingly from the @PeterLBrandt account of a veteran trader. It was confirmed that the account was hacked.
The news about the new measure was revealed in a response to a story by Benjamin White (@HelloBenWhite), the founder of a prediction market, Predictfully. He shared that he got phished after receiving an email that appeared to be from X.
The scammers tricked him by claiming that Benjamin infringed on copyright in two posts and even included screenshots of the content in question.
"And I did what most people would do in that moment. I reacted," he said, adding that he eventually landed on a fake X site and logged in, transferring his X account to criminals who rushed to change his password and replace the email address.
Next, within a few minutes, the hijacked account started posting crypto scam content with token names, links, and pages pretending to be like Benjamin's. He said he submitted two requests to X support about an hour apart and found that, between those requests, over 1,300 additional cases had been logged.
“That was the point where it really hit me that this isn’t rare. This is happening constantly, to a lot of people," he said, adding that he managed to regain control of his account within 24 hours. What's more, the criminals also tried to extort $4,000 out of him in return for control of his account, which he did not agree to.
The founder said that, from now on, he won’t click through emails like that again, even if they look legitimate, and that he'll start using YubiKey, a physical authentication device, for extra security.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked