Overview
- Kamath said that, during an early-morning lapse in attention, he clicked a convincing “Change Your Password” link in a phishing email that mimicked an X security alert.
- Attackers captured credentials to hijack a single active session and posted scam cryptocurrency links from his account, which had two-factor authentication enabled.
- Two-factor authentication blocked full account takeover, limiting the incident to the compromised session before access was restored and the posts were removed.
- He described the operation as fully AI-automated and not personally targeted, noting the email evaded spam and phishing filters and referenced a supposed Delhi login.
- Framing the episode as a cautionary example, he said 2FA remains essential but cannot solve human error, calling for policies, training, and process-focused defenses; no wider Zerodha breach was reported.