Zerodha cofounder Nikhil Kamath’s X handle hacked
Zerodha cofounder Nikhil Kamath’s X account was hacked after he fell for a phishing email. He called it a “momentary lapse in attention.” The hackers used his account to share crypto scam links but were stopped from full control by two-factor auth...
By ETtech |
Agencies
Nikhil Kamath, cofounder, Zerodha
Zerodha cofounder Nikhil Kamath revealed that his social media account on X (formerly Twitter) was hacked on Wednesday via a phishing email.
“So, my personal Twitter account was compromised yesterday because I fell for a phishing email early in the morning while at home when browsing on my personal device,” he posted.
A phishing email is a fake message pretending to be from a trusted source, designed to trick people into sharing personal details or clicking harmful links.
Kamath described the incident as a “momentary lapse in attention.”
He explained, “The email got through all the spam and phishing filters. I clicked on the 'Change Your Password' link and entered the password.”
The hackers managed to access one active login session and used it to send out scam links related to cryptocurrency from his account. Kamath pointed out that since two-factor authentication (2FA) was enabled, it stopped them from fully taking over his account or logging in from other devices.
He noted the attack seemed “AI-automated and not personal.”
“As important as technical cybersecurity are human processes, policies, procedures that account for worst-case scenarios and the psychology of the weakest link, which is us. 2FA is absolutely essential, but clearly, it is not a technical solution to human psychology,” he said.
Kamath admitted, “All it took was one slight slip of the mind,” and called for cybersecurity measures in organisations and governments to consider both technical risks and human errors.
Shortly after, the fake posts were removed and Kamath regained control of his account.
“So, my personal Twitter account was compromised yesterday because I fell for a phishing email early in the morning while at home when browsing on my personal device,” he posted.
A phishing email is a fake message pretending to be from a trusted source, designed to trick people into sharing personal details or clicking harmful links.
Kamath described the incident as a “momentary lapse in attention.”
He explained, “The email got through all the spam and phishing filters. I clicked on the 'Change Your Password' link and entered the password.”
The hackers managed to access one active login session and used it to send out scam links related to cryptocurrency from his account. Kamath pointed out that since two-factor authentication (2FA) was enabled, it stopped them from fully taking over his account or logging in from other devices.
ADVERTISEMENT
He noted the attack seemed “AI-automated and not personal.”
“As important as technical cybersecurity are human processes, policies, procedures that account for worst-case scenarios and the psychology of the weakest link, which is us. 2FA is absolutely essential, but clearly, it is not a technical solution to human psychology,” he said.
Kamath admitted, “All it took was one slight slip of the mind,” and called for cybersecurity measures in organisations and governments to consider both technical risks and human errors.
Shortly after, the fake posts were removed and Kamath regained control of his account.
ADVERTISEMENT
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
ADVERTISEMENT
