X To Roll Out Auto-Lock Feature for Initial Cryptocurrency Posts to Curb Phishing Scams

TLDR

• X intends to automatically lock accounts that make their first mention of cryptocurrency.
• Users with locked accounts will need to complete additional verification before resuming posts.
• This initiative targets hacked accounts used to promote fraudulent tokens.
• X states the feature aims to reduce crypto phishing campaigns.
• Critics argue legitimate first-time crypto posts might be flagged.

---

(SeaPRwire) –   X is developing a new account security feature to curb a common form of crypto-related phishing that relies on compromised profiles to push fake tokens and links. According to X Head of Product Nikita Bier, the platform will soon auto-lock any account that posts about cryptocurrency for the first time in its history. The account holder will then need to finish extra verification steps before posting again.

The planned measure comes as crypto-phishing campaigns continue targeting social media users—especially on large platforms where hacked accounts can quickly reach wide audiences. Often, attackers take control of established profiles and use their credibility to promote scam tokens, fake airdrops, or links to fraudulent websites. By limiting first-time crypto posts from accounts with no prior history on the topic, X aims to make hijacked profiles less useful to scammers.

Nikita Bier, Head of Product at X, noted that in response to a surge in crypto scams and phishing activity, the platform is rolling out a new security measure: if an account posts about cryptocurrency for the first time, it will be automatically locked and required to complete… pic.twitter.com/hlddg0qlMh

— Wu Blockchain (@WuBlockchain) April 2, 2026

Bier said the feature is designed to remove the main incentive behind these attacks. He made the comment in response to a user’s account of how a phishing email disguised as a copyright notice led to a stolen login session. The user explained the attacker used a fake sign-in page nearly identical to the real one, collected two-factor authentication codes, and then took over the account to promote fraudulent crypto content.

New Rule Targets a Common Scam Tactic

Crypto scams spread via compromised social media accounts have been active for years and remain among the most visible threats to retail users online. One widely used tactic is the “double your money” scheme, where victims are told to send cryptocurrency with the false promise of receiving a larger amount in return. Other scams promote fake meme coins, token launches, and counterfeit airdrops designed to steal wallet credentials or direct payments.

Impersonation also remains a major issue. Attackers often create or seize accounts that appear to belong to public figures, companies, or known crypto sector members. These accounts may share links that seem legitimate but lead users to phishing pages or fraudulent token offers. Since crypto transactions are usually irreversible, losses from these schemes are often permanent once funds are transferred.

X has introduced other anti-abuse steps in recent years, including bot removals, tighter API controls, and systems to monitor suspicious behavior. The new auto-lock feature expands these efforts by focusing on sudden changes in posting behavior. An account that unexpectedly starts discussing cryptocurrencies for the first time may face temporary restrictions until the platform confirms the user’s identity.

Verification Step May Impact Legitimate Users

The approach aims to disrupt scam campaigns before they spread, but it may also affect legitimate users posting about digital assets for the first time. Some critics say the rule could lead to false positives if normal user activity is treated as suspicious by default. This concern is especially relevant during periods of strong market interest, when new users begin discussing crypto topics more frequently.

Supporters of the change say extra verification is a practical step given the volume of account takeovers tied to scam promotions. A temporary lock could slow malicious activity when attackers try to use a trusted profile to attract attention and build credibility. For platforms dealing with fast-moving financial scams, speed is often key to limiting exposure.

Bier also criticized Google for phishing emails, stating email providers share responsibility when deceptive messages reach users and result in stolen credentials. His comments linked the account takeover problem to broader weaknesses in phishing prevention that extend beyond social platforms.