Just one slip and even Nithin Kamath got fooled. How an AI-generated mail hacked Zerodha founder's X account

In this digital world, many aren’t immune to a slip-up that can compromise their information and lead to getting scammed. One moment you’re casually checking emails at home, the next, AI-powered attackers are poking through your account. Cybersecurity isn’t just about firewalls, spam filters, or 2FA; it’s about human awareness and vigilance. Nithin Kamath, Zerodha’s co-founder, recently experienced this firsthand when a phishing email gave hackers brief access to his personal X account, proving just how sneaky AI-enabled attacks can be.

Kamath explained that early one morning, he fell for a phishing email while browsing on his personal device. A single click on a malicious link allowed attackers to access one login session, which they used to post a few scammy cryptocurrency links. Thanks to 2FA, the rest of his account remained secure, and the attack appeared fully AI-automated rather than targeted personally.

The incident highlights a key lesson: technical safeguards alone can’t counter human error. Kamath emphasised the importance of holistic cybersecurity, combining strong policies, procedures, and constant vigilance. Even with awareness and regular organizational discussions on risks, it takes just one brief lapse in attention to give AI-powered attacks a foothold.


What did the netizens say?
Several users reacted to Nithin Kamath’s account hack, highlighting how even the most careful individuals can fall victim to phishing attacks. One pointed out that Kamath’s experience proves cybersecurity isn’t just about firewalls and 2FA—it’s about those distracted moments when curiosity outweighs caution. A single slip can expose sensitive information, like cryptocurrency details, showing humans themselves are often the weakest link in cyber defence.

Others noted that phishing emails have been increasingly common across various accounts, raising questions about how attackers gain access to personal emails even when exact addresses aren’t publicly shared. Observers also emphasised that the sender’s email alone is often enough to identify a scam, as legitimate platforms like X would never use such addresses.


Some users offered practical advice, including using password managers with built-in breach detection features to flag suspicious alerts before clicking on links. Another pointed out that even the sharpest minds can fall for these sneaky phishing traps, likening the experience to an unexpected mess on a clean slate—messy but recoverable with 2FA as a backup. These reactions underscored the critical role of human psychology in cybersecurity, showing that technical safeguards alone aren’t enough.