What Greg Gutfeld's Hack Can Teach Your Business
What Greg Gutfeld's Hack Can Teach Your Business
It happened again. Just when you think the wave of social media security breaches might be slowing down, another high-profile X account falls victim to cybercriminals. This keeps happening because your social media is a very valuable asset hackers can exploit
So, if an industry veteran with a massive platform can be compromised, you must ask yourself: how vulnerable is your business?
In this post, we'll break down the specific details of the Greg Gutfeld hack and explain why these attacks are a routine nightmare for business owners. Most importantly, we'll provide you with seven actionable steps to reduce your attack surface and protect your social media presence from becoming the next headline.
What happened to Fox News host Greg Gutfeld's X account?
On Saturday, February 7, 2026, Fox News host Greg Gutfeld's X account was hijacked through a phishing scam. A Fox News spokesperson confirmed the hack, which involved scammers sending direct messages (DMs) to users claiming Gutfeld needed "votes" to co-host an upcoming entertainment show.
The scale of the attack was massive, as identical messages were sent to over 3 million followers. According to Grok (X's AI chatbot), all messages contained a phishing link designed to lead users to a fake voting page where their login details would be stolen.
Unfortunately, some prominent users fell for the bait. Former Saturday Night Live star Rob Schneider posted an urgent plea to his own followers: "PLEASE VOTE FOR GREG GUTFELD YOU CAN DO IT!!". Meanwhile, other influencers like Stephen L. Miller, Jarvis, and Catturd stepped in to warn people to dismiss the messages and avoid clicking any links. Miller mocked the quality of the attempt, noting that for a DM hack to work, attackers need to impersonate people whose speech patterns they actually understand.
Why should you pay attention to these types of attacks?
While you might think your business is unlikely to encounter a scam this specific, these attacks are becoming alarmingly common. If you are a business owner or an influencer with a significant following, you are a "high-value target" because your account gives hackers instant access to a large, trusting audience with relatively little effort.
As you might expect, hackers do this due to money. The financial motivations behind these crimes are staggering. For example, Cybersecurity Ventures expects global cybercrime costs to grow by 15% per year, reaching $10.5 trillion USD globally this year and hitting $12 trillion annually by 2031. To put that in perspective, cybercrime is now more profitable than the global trade of all major illegal drugs combined.
Are you prepared to risk your brand's reputation in such a high-stakes environment? Every successful hack erodes customer trust and can lead to devastating financial losses.
How to protect your X account
Cybercrime is on the rise, but that doesn't mean you have to remain an easy target. You can take effective steps right now to protect your social media from hacks like the one Gutfeld experienced. The key is to reduce your attack surface as much as possible and stay prepared for the worst-case scenario.
Here is what we recommend you do right now to secure your social media presence:
1) Increase your password strength
Your password strength directly impacts how easily an attacker can breach your account. A weak password essentially hands hackers the keys to your brand without them having to break down the door.
So make sure your password is as strong as possible (somewhere between 14 to 20 characters long) and never reuse it across different platforms. If you struggle to remember complex combinations, use a company-approved password manager to securely store and retrieve them.
2) Enable 2FA for teams
Two-factor authentication (2FA) is a critical layer of defense because it can stop most brute-force attacks. The way it works is, it requires a second form of verification, like a code from an app, in addition to your password.
That said, for businesses, traditional 2FA can be a bottleneck as it often ties access to a single device. The good news is that 2FA for teams allows multiple authorized users to access accounts securely while maintaining centralized control. However, while 2FA is effective, it is not perfect, so you must implement it alongside our other recommendations.
3) Regularly review account permissions
You must regularly review who has access to your accounts. People naturally leave organizations, and sometimes remaining team members have excessive rights they don't actually need to perform their duties.
Revoke access immediately when a team member leaves to reduce the likelihood of a former employee's compromised account being used to hijack your brand. We have seen many cases where neglected permissions caused damage that could have been easily prevented.
4) Enable account monitoring
Social media monitoring is the process of tracking activities to detect suspicious actions and remove intruders in real-time. There are many different types of social media monitoring tools, for example, some platforms offer basic monitoring and while others focus more on impersonation, either way, businesses need a centralized tool to strengthen their defenses. That's precisely where a tool like Spikerz comes in.
Spikerz is a complete social media security solution that protects your profiles 24/7. Here is how it helps brands:
- Account takeover protection: Detects and blocks unauthorized login attempts.
- Phishing protection: Scans DMs and comments for phishing links.
- Permissions management: Centralizes oversight of who can access your assets.
- Impersonator takedown: Identifies and helps remove fake profiles impersonating your brand or using your copyrighted content.
- Comment moderation: Automatically removes spam, trolls, and toxic content.
5) Protect your local devices
While 2FA and social media monitoring are effective, they are not perfect. Certain attacks can bypass passwords and 2FA altogether through a method called session hijacking.
Session hijacking happens when hackers steal "session tokens" to gain instant access to your accounts (session tokens are small files that keep you logged into a site). To prevent this, you must protect your local devices using traditional antivirus software. Antivirus software detects and removes malware, like keyloggers and other info stealers, that hackers use to steal these tokens.
6) Create a social media policy
A social media policy is your organization's roadmap for online behavior. It helps you determine who gets access to accounts, what they can publish, and how they should represent your brand. Create one to ensure everyone in your organization knows what to expect.
If you want to create a policy in minutes, check out our customizable template. It covers critical areas like:
- Customized policies based on your specific teams and risks.
- A review of current security blind spots.
- Standardized workflows for approvals, access, and crisis response.
7) Create a rapid response team (RRT)
A rapid response team is a dedicated group prepared to act immediately during a security incident. This team ensures you can identify, contain, and recover from a breach before significant damage is done.
Previous hacks, like the Xbox breach, show how powerful an RRT is. Microsoft was able to remove posts within 10 minutes after a hack, preventing a scam from reaching a much larger audience. Without a predefined team and protocol, you will waste critical time deciding what to do while hackers continue to damage your reputation.
Conclusion
Your brand's reputation takes years to build but only minutes to destroy. As the Greg Gutfeld hack proves, even massive accounts are vulnerable to the psychological manipulation of phishing. In an era where cybercrime is more profitable than the drug trade, you can't afford to treat security as an afterthought.
So go ahead and implement strong passwords, enable team-based 2FA, and establish clear response protocols to build a fortress around your digital assets. Don't wait until it's too late. Stop gambling with your company's future and start protecting your digital footprint today.
