Since the web3 solution is plugged into the rest of the Hive blockchain, a variety of strategies to mitigate such hacks can be devised. For example, people with staked tokens can signal (perhaps via a custom_json) that a given message is a scam, and the web3 solution can correspondingly display it in such a way.

Another idea is to allow only ULRs from certain domain names to be in messages coming from team members (accounts with particular roles in a Hive community).

And if it the web3 solution is really integrated, we might even get rid of the need for URLs. You can interact directly with the blockchain and its 2nd layers whether you're in the chat or in another frontend. And strategies to prevent scams will work at the blockchain level and be picked up by whatever tool one uses to interact with the blockchain. This might be further down into the future, though.