Key Highlights
- X’s new security protocol will automatically freeze accounts upon their initial cryptocurrency-related post, mandating additional verification steps
- The initiative specifically addresses phishing schemes where cybercriminals compromise accounts to advertise fraudulent digital assets
- Product Chief Nikita Bier claims this measure will eliminate “99% of the incentive” behind such malicious activities
- Implementation comes amid widespread fraudulent copyright notice emails designed to capture user credentials and authentication codes
- X’s Product Head pointed fingers at Google for insufficient Gmail filtering against phishing attempts
The social media platform X, owned by Elon Musk, is implementing a fresh security protocol designed to automatically freeze user accounts upon their first mention of cryptocurrency. These accounts will remain inaccessible until owners successfully complete an authentication procedure.
Yeah we’re aware.
We are in the process of implementing auto-locking + verification if a user posts about cryptocurrency for the first time in the history of their account.
This should kill 99% of the incentive, especially since Google isn’t doing shit to stop the phishing…
— Nikita Bier (@nikitabier) April 1, 2026
Nikita Bier, serving as X’s Product Head, confirmed this development through a post on the platform itself. He emphasized that the primary objective centers on disrupting cybercriminals who compromise legitimate accounts for cryptocurrency fraud operations.
“This should kill 99% of the incentive,” Bier stated, addressing the ongoing surge of phishing campaigns that target platform members.
This security announcement followed a user’s public disclosure of losing account control through a deceptive email masquerading as a copyright infringement alert. The perpetrator deployed a counterfeit login interface to harvest both login details and two-factor authentication information.
After gaining unauthorized entry, the attacker excluded the legitimate account holder and began broadcasting bogus crypto ventures to the profile’s audience.
The Mechanics Behind These Fraudulent Schemes
Such malicious operations typically follow an established blueprint. Cybercriminals seize control of an account, subsequently exploiting it to broadcast counterfeit meme tokens, illegitimate token distributions, or deceptive investment multiplication schemes. The established trust associated with genuine accounts increases the likelihood that followers will engage with malicious links.
Given that blockchain-based financial transactions are irreversible, victims possess no mechanism to retrieve stolen assets after transmission.
The most infamous incident of this attack methodology occurred in 2020. Perpetrators penetrated Twitter’s backend infrastructure and commandeered authenticated accounts associated with Apple, Barack Obama, and Elon Musk.
These compromised profiles were leveraged to advertise a fabricated Bitcoin distribution scheme that accumulated over $100,000 before content removal. The individual responsible ultimately received a five-year prison sentence.
X’s Comprehensive Security Strategy
The platform has maintained ongoing efforts to combat fraudulent operations. Previous initiatives included eliminating automated bot networks, restricting API permissions, and enhancing algorithmic detection capabilities.
Toward the end of 2025, X announced the dismantling of a corruption network linked to cryptocurrency scam profiles. Banned individuals reportedly attempted to compensate intermediaries for bribing internal X personnel to reinstate their suspended accounts.
This newly introduced automatic freeze mechanism extends those protective measures by intercepting scams at their origin point. When a compromised account cannot broadcast cryptocurrency content without triggering a security lock, its value to malicious actors diminishes substantially.
Bier additionally expressed support for authentic cryptocurrency discourse on X. He distinguished between legitimate activity and schemes that “create incentives to spam, raid, and harass.”
He further challenged Google explicitly, asserting that Gmail’s security measures fail to intercept phishing communications before reaching users’ primary mailboxes, attributing partial accountability to the technology corporation.
While the automatic account freeze functionality hasn’t officially deployed, its release is characterized as imminent.
