Robinhood Says Spoofed Emails Hit Some Customers Without System Breach

David Schwartz warned that a phishing campaign targeting Robinhood users is using emails that appear legitimate, while Robinhood has said the incident did not involve a system breach or customer-account compromise.

33d ago

Summary

Ripple’s former CTO David Schwartz warned that a targeted phishing campaign is exploiting Robinhood users through seemingly legitimate emails ahead of the company’s earnings report. The new report aligns with Robinhood’s earlier statement that some customers received spoofed emails appearing to come from noreply@robinhood.com. Robinhood said the incident stemmed from abuse of its account creation process rather than a breach of its systems or customer accounts, and stated that personal information and customer funds were not affected.

Terms & Concepts

Phishing: A fraud technique in which attackers impersonate a trusted entity to trick users into revealing information or taking harmful actions.
Spoofed email: An email made to appear as if it was sent from a legitimate address, even though the true sender is different.
Account creation process: The workflow used to register new users; if abused, it can be used to generate misleading or unauthorized communications.