How hackers use fake X links to steal crypto, and how to spot them

The post How hackers use fake X links to steal crypto, and how to spot them appeared on BitcoinEthereumNews.com.

How fake X links work Hackers often hijack trusted accounts or create fake ones to post phishing links that look legitimate. If you use X regularly, you’ve probably seen a giveaway post or a “limited-time airdrop” link that seems to come from a trusted source. This is exactly what scammers rely on. They either break into verified accounts or impersonate big names in crypto. Then they publish posts urging you to click a link and connect your wallet. On May 29, an X user alerted the community about a fake $SONIC airdrop announcement circulating on the platform, urging others not to click on any related links and to stay vigilant against phishing attempts. What happens next depends on the scam. Some links lead to fake wallet login pages designed to steal your credentials. Others prompt you to approve a smart contract, which gives the attacker access to your funds. These scams are getting more polished, often mimicking real websites with convincing designs and near-identical URLs. Why crypto is a prime target Crypto transactions are fast, irreversible and often anonymous, making them ideal for scammers. Once a transaction is confirmed on the blockchain, there’s no getting it back. That makes crypto especially attractive to hackers. Many users also store their funds in hot wallets connected to browsers or apps, which are more vulnerable to phishing attempts. Add to that the growing popularity of NFTs and DeFi projects and there is more possibility for attacks. Approving the wrong contract, even once, can be all it takes to lose everything in your wallet. Did you know? In March 2025, the official X accounts of both the NBA and NASCAR were hacked, sending fake messages to millions of their followers. These messages falsely announced the launch of their own cryptocurrencies, $NBA coin and $NASCAR…