Robinhood Stock Could Suffer After Users Report Phishing Incident

1 hour ago 9

Robinhood confirmed that fraudulent emails sent from [email protected] were a phishing attempt. The company said attackers abused its account creation flow without compromising customer accounts or company systems.

The falsified message, with the subject line “Your recent login to Robinhood,” prompted recipients to delete it. Customer balances and personal data remained untouched, the company’s help account stated on X.

Phishing Email Bypasses Robinhood Authentication

A Robinhood customer who analyzed the raw .eml file said the message passed SPF, DKIM, and DMARC checks. The email originated from Robinhood’s own infrastructure.

Got a legit-looking @RobinhoodApp email today. Haven’t touched the account in years.

Downloaded the raw .eml and checked headers.

SPF ✅
DKIM ✅
DMARC ✅
It was actually sent from Robinhood’s infrastructure.
But the body had a phishing payload injected into it.

The top half… pic.twitter.com/iWXKPBfhyO

— abraham (@abemil7) April 27, 2026

Attackers injected HTML into the legitimate email body. The injection embedded a “Review Activity” button that redirected to a domain called tinzio.net via googletagmanager.com.

David Schwartz, CTO emeritus at Ripple, also flagged the campaign, highlighting that the messages may actually be coming from Robinhood’s email system.

“I’m not sure exactly what’s going on, but it seems (at least from a quick look) like these emails were somehow injected into Robinhood’s actual email infrastructure at some point,” he warned.

Robinhood (HOOD) traded near $84.71 on Monday morning, up 1.40% on the day, but recorded pre-market losses of up to 0.3% despite the phishing incident on Sunday evening.

What Robinhood Customers Should Do

Robinhood Help advised affected customers to contact support through the app or website rather than click any links.

The brokerage encouraged anyone who interacted with the email to change passwords, rotate two-factor authentication (2FA), and review recent device activity.

On Sunday evening, some customers received a falsified email from [email protected] with the subject line “Your recent login to Robinhood.”

This phishing attempt was made possible by an abuse of the account creation flow. It was not a breach of our systems or customer…

— Robinhood Help (@AskRobinhood) April 27, 2026

The pattern points to attacks in which authentication standards pass even as the email payload itself becomes malicious.

Robinhood has not detailed how attackers gained access to the account creation flow. It also has not said whether other customers received similar messages.

The post Robinhood Stock Could Suffer After Users Report Phishing Incident appeared first on BeInCrypto.

Read Entire Article