Robinhood Phishing Scam

Overview

Scammers created fake Robinhood accounts with email addresses differing only by a dot, causing Gmail to deliver Robinhood's automated emails to victims' inboxes with phishing links injected via the device name field.

Phishing attack exploits Gmail's dot alias feature and Robinhood's account creation flow to send fake login emails from Robinhood's official mail server, tricking users into entering credentials.

Sources & Timeline

1. NewCointelegraph85%

   Scammers created fake Robinhood accounts with email addresses differing only by a dot, causing Gmail to deliver Robinhood's automated emails to victims' inboxes with phishing links injected via the device name field.

   Apr 28, 2026, 5:22 AMRead on Bytewit →