It’s only early March, but we’ve already had a few high profile social media account hijackings in 2025. Within weeks of each other, the X accounts of former Philippines vice president Leni Robredo and Rappler CEO Maria Ressa were hacked to promote a cryptocurrency scam. (Thanks to

It’s of course awful when these crimes happen. On the positive side, we’re big believers of learning from the mistakes or mishaps of others. In this case, their misfortune is your opportunity to make yourself a harder target. Here are six key takeaways from these hijackings and similar incidents:

1. Cryptocurrency Scams Are the New Playbook

Hackers increasingly use hijacked accounts to promote cryptocurrency platforms. When Robredo's account was compromised, the attackers posted endorsements for Solana, making it appear as if the former vice president was promoting the blockchain platform. This follows the hijacking of another high profile Filipino’s X account, this time actress Angel Locsin's X account, back in January.

Most will think that they are not at risk for crypto hijacking scams. As we note below towards the end, crypto scammers are targeting accounts of ordinary Jane and Joes as well.

2. High-Profile Figures Are Prime Targets

Public figures face heightened risks. Two high profile accounts hijacked this close together is not out of the ordinary any longer. Attackers specifically target verified accounts with large followings because they carry more credibility and scale.

While celebrities are ideal targets, anyone with a decent sized platform, reputation or influence is a target. In some sense, hijacking the account of an ordinary Joe is more effective. In 2024 alone, approximately 18,000 X accounts were hacked monthly, with 15% of all social media hacks occurring on the X platform (source).

Share

3. Speed of Response is Critical

Quick action is essential in limiting damage. Robredo's daughter immediately alerted followers about the compromise, while Robredo posted warnings on her other social media platforms. This rapid response helped minimize the scam's impact by warning followers before they could fall victim to the fraudulent posts.

4. Multi-Platform Presence is Essential

Having multiple social media channels proved crucial for both Robredo and Ressa. When their X accounts were compromised, they could still communicate with their followers through other platforms like Facebook. This redundancy ensures continuous communication even when one account is compromised.

5. Artificial Intelligence Amplifies Threats

Modern hacking techniques have evolved to include AI-driven tools that create highly convincing impersonations. In Ressa's case, attackers had previously used deepfake technology to manipulate her interview with Stephen Colbert to promote Bitcoin (source). This demonstrates how sophisticated these attacks have become, using advanced technology to make scams more convincing and effective.

AI is Making Scams Smarter (must watch videos inside)

October 18, 2024

Read full story

6. Strong Passwords Aren’t Enough

It’s not clear yet how Robredo and Ressa’s accounts were compromised. But we know from prior social media account hijackings that weak passwords aren’t always the source of blame. Modern attackers often use sophisticated social engineering schemes to trick you into revealing your password or 2FA one-time use codes. Hackers can even bypass passwords entirely through methods like SIM swapping, which is a favorite method used against high profile targets.

Our best guess is SIM swapping is what happened in one or both of Robredo and Ressa’s situation.

Here are our recent posts on Hardware Keys and Passkeys for those who need more security for their key accounts, like social media accounts.

The Truth About Passkeys

Feb 14

Read full story

Are Hardware Keys the Ultimate Security Flex?

Feb 28

Read full story

Celebrities Are Not the Only Target

Social media hijackings aren’t just for celebrities and politicians to worry about though. This is a very clear and present threat to ordinary Jane and Joes.

Long time readers will recall the story of our friend Tim who had his Facebook page hijacked to promote a crypto scam. The hijacking lasted for around six months. You can read about his painful ordeal here:

Avoiding Digital STDs

Secrets of Privacy

·

February 9, 2024

Read full story

And last week we revealed Jenny’s Instagram hijacking story in our deep dive on hardware security keys, linked above.

Got a privacy or security question? Send us a message!

How to Protect Yourself