Scammers use Gmail dot alias trick to spoof Robinhood in phishing scam
CoinTelegraph, 2026-04-28 04:22:53

Alex Eckelberry, a cybersecurity researcher and tech CEO, said the phishing campaign wasn’t the result of a hack but instead exploited a native Gmail characteristic that ignores dots in an email address, as well as a “couple of terrible holes” in Robinhood’s account setup.

It comes after blockchain security company Hacken reported earlier this month that phishing and social engineering attacks dominated crypto attacks in the first quarter of 2026, accounting for $306 million in losses.

Eckelberry said the scam relied on fraudsters creating an account on Robinhood with an email closely mimicking their target’s email address. For example, a Robinhood user could have an email address such as “[email protected].” The scammer would create a new Robinhood account with an email without the dot in the middle, such as “[email protected].” While Robinhood would treat them as completely separate accounts, Gmail ignores dots in the username part of an email address. This means scammers could prompt Robinhood to automatically send emails intended for their fake account, but have them arrive in their target’s inbox instead.

To get a phishing link into the automated email sent when a new Robinhood account is created, the scammers would then add HTML instructions to the optional “device name” field on Robinhood, which Gmail treats as formatting instructions.

“The result is a real email from "[email protected]" that passes SPF, DKIM, and DMARC. It looks completely legitimate but now contains injected fake warning text and a working phishing button. Clicking the button leads to a fake login site,” Eckelberry said.

Visiting the fake login website alone isn’t enough for hackers to gain access to an account, Eckelberry said, but entering sensitive information such as passwords could allow bad actors to do so.

Robinhood’s support account on X posted a statement on Monday confirming that some users received a falsified email from "[email protected]" with the subject line “Your recent login to Robinhood” and blamed the issue on an exploit of the “account creation flow.”

“This phishing attempt was made possible by an abuse of the account creation flow. It was not a breach of our systems or customer accounts, and personal information and funds were not impacted,” they said.

“If you received this email, please delete it and do not click any suspicious links. If you have clicked a suspicious link or have any questions about your account, please contact us directly within the Robinhood app or website.”
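
The two gaps described above can be closed on the sending service's side: treat dot variants of a Gmail address as one mailbox at signup, and escape user-supplied fields before they reach an HTML email. The sketch below is an added example, not code from the article or from Robinhood; the function names, the registry class, the email template and the sample addresses are all hypothetical and constructed for illustration.

```python
import html

# Assumption: domains whose mailboxes ignore dots in the local part
# (the article names Gmail; extend the set for other providers as needed).
DOT_INSENSITIVE_DOMAINS = {"gmail.com"}


def mailbox_key(address: str) -> str:
    """Return a key that is equal for addresses delivered to the same inbox."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    # Assumption: the service compares addresses case-insensitively.
    local, domain = local.lower(), domain.lower()
    if domain in DOT_INSENSITIVE_DOMAINS:
        local = local.replace(".", "")
    return f"{local}@{domain}"


class SignupRegistry:
    """Hypothetical account store keyed by delivery mailbox, not raw string."""

    def __init__(self):
        self._by_mailbox = {}

    def register(self, address: str) -> bool:
        key = mailbox_key(address)
        if key in self._by_mailbox:
            # Same inbox as an existing account: refuse, or hold the account
            # until the address owner confirms it from that inbox.
            return False
        self._by_mailbox[key] = address
        return True


def render_login_email(device_name: str) -> str:
    """Build a constructed HTML notice with the device name escaped."""
    safe = html.escape(device_name, quote=True)
    return f"<p>New sign-in from device: <b>{safe}</b></p>"


if __name__ == "__main__":
    reg = SignupRegistry()
    print(reg.register("jane.doe@gmail.com"))   # constructed sample address
    print(reg.register("janedoe@gmail.com"))    # dot variant of the same inbox
    print(render_login_email('Phone</b><a href="https://phish.example.invalid/">Verify</a>'))
```

Escaping at render time means markup typed into the device name field is shown as literal text in the mail client instead of being interpreted as formatting.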