X Unleashes “Killer Move” Against Crypto Scams: First Token Launch Tweet Automatically Locked, Identity Verification Required for Unlock
TechFlow Selected TechFlow Selected
X Unleashes “Killer Move” Against Crypto Scams: First Token Launch Tweet Automatically Locked, Identity Verification Required for Unlock
Auto-locking the first encrypted post is just one component of X’s anti-scam strategy.
Navigating Web3 tides with focused insightsAuthor: TechFlow
TechFlow Introduction: Nikita Bier, Head of Product at X, announced the platform is rolling out a new mechanism: any account publishing cryptocurrency-related content for the first time will be automatically locked and required to complete identity verification. X claims this measure will “eliminate 99% of malicious incentives.” The policy directly targets the most rampant current scam pattern—hackers stealing accounts via phishing emails and exploiting followers’ trust to promote fake tokens.
Main Text:
Cryptocurrency scams have become X’s most persistent security issue—and the platform is preparing its most aggressive product-level response yet.
According to a Crypto Briefing report dated April 2, Nikita Bier, X’s Head of Product, announced on X on April 1—while replying to a user who had fallen victim to a phishing attack—that X is deploying an automatic lockout mechanism: when any account posts cryptocurrency-related content for the first time in its history, the system will automatically lock the account and require identity verification before further posting is permitted.
In his original post, Bier wrote: “This should kill 99% of the incentive, especially since Google isn't doing shit to stop the phishing.” He also criticized Google for failing to effectively block phishing emails at the Gmail level, stating that X’s automatic lockout is essentially a corrective measure addressing Google’s security shortcomings.
Phishing Attacks Are the Primary Vector for Crypto Scams—Stolen Accounts Become “Token-Promotion Tools”
Bier’s statement was prompted by a firsthand account from Benjamin White, founder of prediction market platform Predictfully. As reported by TheStreet, White detailed on X on April 1 how his account was compromised: attackers lured him into clicking a spoofed login page via a phishing email disguised as a copyright infringement notice, thereby stealing his login credentials—including two-factor authentication codes—then locked his account and used it to promote fraudulent crypto projects. In an even more brazen move, the hackers demanded a $4,000 “account ransom.”
This attack pattern has now become highly industrialized. Hackers typically send phishing emails impersonating official notices (e.g., copyright warnings or security alerts) to trick users into entering credentials on meticulously forged login pages. Once accounts are compromised, attackers immediately post promotions for fake tokens or phishing links—exploiting the original account’s follower base and credibility to cash out rapidly. Because cryptocurrency transactions are irreversible, victims cannot recover funds once scammed.
According to Chainalysis’ 2025 Annual Cryptocurrency Crime Report, on-chain scam inflows reached at least $14 billion in 2025—up sharply from $9.9 billion in 2024. CertiK data shows that phishing attacks alone caused over $311 million in losses in January 2026, including a single victim losing $284 million due to a social engineering attack.
Making Stolen Accounts “Useless Cards”
Bier’s strategy targets a critical link in this profit chain: rendering stolen accounts completely worthless for cryptocurrency promotion.
The specific mechanism works as follows: if an account with no prior history of publishing cryptocurrency-related content suddenly begins promoting tokens, the system will automatically trigger a lockout and identity verification process. According to Bitget’s reporting on Bier’s further clarification, he singled out a typical scenario: “If you have over 10,000 followers but zero historical engagement with crypto, and suddenly start promoting a meme coin—that’s 100% a scam. We’ll detect such behavior and require ownership verification to reduce account hijacking.”
The core logic behind this mechanism is economic: hackers’ primary motive for stealing accounts is to exploit their follower base to promote fake tokens. If stolen accounts are locked immediately upon posting crypto content, the cost-benefit ratio of account theft plummets—undermining malicious incentives at their source.
X’s Multi-Pronged Anti-Scam Strategy
The automatic lockout for first-time crypto posts is only one component of X’s broader anti-scam strategy.
According to TheStreet, users commented under Bier’s post noting that scam accounts frequently spam up to 50 users at once via @mentions. Bier responded that such bulk-mention behavior “should already be blocked”—though user feedback suggests actual enforcement still needs improvement.
In addition, X will intensify monitoring of account hijacking activity. Fraudulent posts from compromised accounts remain one of the most prevalent vectors for cryptocurrency scams on the platform. As reported by Bitget, the new verification system will also target bot accounts impersonating legitimate crypto companies—typically replying beneath official posts and posing as customer support agents to lure victims.
Since joining X as Head of Product in July 2025, Bier has led multiple anti-spam initiatives. In October last year, X removed 1.7 million bot accounts engaged in spam replies in a single sweep; the same month, it launched an Account Transparency Tool publicly displaying metadata such as country of registration and username change history. In January this year, X imposed restrictions on InfoFi apps (platforms monetizing information and user interactions), citing widespread AI-generated low-quality content and spam replies from such accounts.
Timing-wise, Bier’s announcement coincides with a high-profile scam that recently drew widespread attention. According to TradingView’s citation of Cointelegraph, a fraudster recently impersonated the veterinarian responsible for caring for Jonathan—the 193-year-old tortoise—and promoted a Solana-based meme coin named “JONATHAN” across social media. The token surged over 6,000% before crashing. BBC and other outlets later exposed the scam.
As of now, X has not disclosed a specific launch timeline for this automatic lockout feature.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
深潮TechFlow
