In a recent cyberattack, the X account of UK Government Minister Lucy Powell was compromised to promote a fraudulent cryptocurrency called “House of Commons Coin” ($HCC). This incident highlights the growing threat of social media hacks targeting high-profile figures to push crypto scams. Here’s what happened, why it matters, and how you can protect yourself from similar scams.
What Happened to Lucy Powell’s X Account?
On Tuesday morning, hackers gained control of Lucy Powell’s verified X account, which boasts nearly 70,000 followers and highlights her role as the House of Commons Leader and MP for Manchester Central. The attackers posted a series of now-deleted messages promoting a fake cryptocurrency, “$HCC,” described as “a community-driven digital currency bringing people’s power to the blockchain.” Some posts even included an image of the House of Commons logo to lend credibility to the scam.Powell’s office quickly confirmed the breach, stating that steps were taken to secure the account and remove the misleading posts. A House of Commons spokesperson emphasized that the UK Parliament takes cybersecurity seriously, providing guidance to members on managing digital risks, though specific security measures were not disclosed.
A Growing Trend: High-Profile Accounts Targeted for Crypto Scams
Lucy Powell is not the first public figure to fall victim to this type of cybercrime. Recently, BBC journalist Nick Robinson, who hosts BBC Radio 4’s Today programme, had his X account hacked after clicking a phishing email he believed was legitimate. The hackers used his account to promote a fake cryptocurrency called “$Today.”These incidents are part of a broader trend in 2024, with Action Fraud reporting 35,343 cases of hacked social media and email accounts. Cybercriminals often target verified accounts with large followings to maximize the reach of their scams, exploiting the trust associated with public figures.
What Is a “Pump and Dump” Crypto Scam?
The hack of Powell’s account is a classic example of a “pump and dump” scheme, according to Luke Nolan, a senior research associate at CoinShares, a digital asset management firm. In such scams:
- Creation: Fraudsters create a new cryptocurrency, which can take just a few hours to develop and launch.
- Promotion: They hijack high-profile accounts to advertise the coin, inflating its perceived value.
- Profit: Scammers sell their majority share of the coin at the inflated price, leaving investors with worthless assets.
In the case of the $HCC scam, Nolan noted that the coin saw only 34 transactions, generating an estimated profit of £225 for the perpetrators. While the financial impact may seem small, these scams can cause significant harm to unsuspecting victims.
How Do Hackers Gain Access to Accounts?
Cybercriminals typically use the following methods to take over social media accounts:
- Phishing Emails: Fraudulent emails trick users into clicking malicious links or sharing login credentials. For example, Nick Robinson’s hack resulted from clicking a phishing email posing as an official X communication.
- Data Breaches: Hackers exploit leaked passwords from previous data breaches, which are often sold on the dark web.Weak
- Passwords: Accounts with simple or reused passwords are easier to crack.
Once they gain access, hackers act quickly to post fraudulent content before the account is secured or the scam is detected.
The Role of Lucy Powell as House of Commons Leader
As the House of Commons Leader since Labour’s victory in the summer of 2024, Lucy Powell plays a critical role in the UK government. Her responsibilities include:
Planning and overseeing the government’s legislative programme.
Upholding the rights of backbench MPs to ensure fair representation in Parliament.
Given her prominent position, her verified X account is a prime target for cybercriminals seeking to exploit her credibility and reach.
How to Protect Yourself from Social Media and Crypto Scams
With the rise in account hacks and cryptocurrency scams, it’s essential to stay vigilant. Here are actionable steps to safeguard your accounts and avoid falling for scams:
1. Enable Two-Step Verification (2FA)
Two-step verification adds an extra layer of security by requiring a second form of authentication, such as a code sent to your phone or email, when logging in. Action Fraud strongly recommends enabling 2FA on all social media and email accounts.
2. Use Strong, Unique Passwords
Create passwords using a combination of three random words, such as “BlueRiverCactus,” to make them harder to guess. Avoid reusing passwords across multiple accounts, and consider using a password manager to keep track of them securely.
3. Be Cautious of Phishing Emails
Avoid clicking links or downloading attachments from unsolicited emails. Verify the sender’s email address, and if in doubt, contact the platform directly through official channels to confirm the message’s legitimacy.
4. Research Cryptocurrencies Before Investing
Before investing in any cryptocurrency, thoroughly research its legitimacy. Be wary of coins promoted through social media, especially if they’re tied to high-profile accounts that may have been hacked.
5. Monitor Your Accounts for Suspicious Activity
Regularly check your social media accounts for unauthorized posts or changes to your profile. If you suspect a hack, act quickly to secure your account and report the incident to the platform.
What’s Being Done to Combat These Scams?
The UK Parliament and platforms like X are working to enhance cybersecurity measures to protect users. Action Fraud continues to raise awareness about the risks of social media hacks and provides resources for victims of cybercrime. However, individuals must also take responsibility for securing their accounts to minimize risks.