TechFlow news: On April 28, according to Cointelegraph, Robinhood users recently fell victim to a phishing campaign. Attackers exploited Gmail’s feature of ignoring periods (“.”) in email usernames, combined with a vulnerability in Robinhood’s account creation process, to register accounts with email addresses highly similar to those of their targets. This allowed them to trick Robinhood’s official email server into delivering spoofed alert emails—containing phishing links—to victims’ inboxes. Cybersecurity researcher Alex Eckelberry noted that these emails passed SPF, DKIM, and DMARC authentication checks and thus appeared to originate from an official Robinhood address.
Robinhood stated that this incident did not involve any breach of its systems or customer accounts; user funds and personal information remain unaffected. However, the company urged users to delete such emails and avoid clicking on suspicious links.
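A signup-side check for the dot-variant collision described above, as an added example that is not Robinhood's code or part of the original report. The `AccountRegistry` class, the function names and the sample addresses are hypothetical, and the example goes beyond the report by also folding `+tag` suffixes and the `googlemail.com` alias, which Gmail delivers to the same mailbox.

```python
# Added example: canonicalize Gmail addresses at signup so that a dotted
# variant of an existing customer's mailbox cannot become a second account.
GMAIL_DOMAINS = {"gmail.com", "googlemail.com"}  # both reach the same mailbox

# Constructed sample signups, in arrival order.
SAMPLE_SIGNUPS = [
    "jane.doe@gmail.com",          # existing customer
    "janedoe@gmail.com",           # same mailbox, dots removed
    "j.a.n.e.doe@googlemail.com",  # same mailbox, extra dots and alias domain
    "jane.doe+alerts@gmail.com",   # same mailbox, plus tag
    "jane.doe@example.org",        # other provider: dots may be significant
    "janedoe@example.org",
]


def canonical_email(address: str) -> str:
    """Return a comparison key; Gmail dots and +tags are stripped."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an e-mail address: {address!r}")
    local, domain = local.lower(), domain.lower()
    if domain in GMAIL_DOMAINS:
        local = local.split("+", 1)[0].replace(".", "")
        if not local:
            raise ValueError(f"empty Gmail local part: {address!r}")
        domain = "gmail.com"
    return f"{local}@{domain}"


class AccountRegistry:
    """Hypothetical account store keyed by canonical address."""

    def __init__(self):
        self._by_key = {}

    def register(self, address: str) -> bool:
        """Store the address; return False if the mailbox already has an account."""
        key = canonical_email(address)
        if key in self._by_key:
            return False
        self._by_key[key] = address
        return True


def run_sample():
    """Register the constructed signups and report which were accepted."""
    registry = AccountRegistry()
    return [(addr, registry.register(addr)) for addr in SAMPLE_SIGNUPS]
```

The check only covers mailboxes that already have an account, and it leaves non-Gmail domains alone because their dot handling is provider-specific.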




