Gate News message, April 28 — Robinhood users have been targeted by a phishing campaign that exploited Gmail’s “dot alias” feature alongside weaknesses in the platform’s account creation process. Attackers registered fake Robinhood accounts with slightly altered email addresses, leveraging Gmail’s behavior of ignoring dots in usernames to route system-generated emails to legitimate users’ inboxes.
The campaign involved injecting malicious HTML code through the optional “device name” field during account setup. This allowed phishing links and fake warning text to appear within official emails from “[email protected]” that passed authentication checks such as SPF, DKIM, and DMARC, making them appear legitimate to recipients. Users who clicked the phishing button were directed to fake login sites designed to capture their credentials.
Robinhood confirmed that the phishing emails did not result from a system breach but rather from abuse of its account creation flow. The company stated that personal information and funds were not impacted. Users were advised to delete suspicious emails and access their accounts directly through the official app or website rather than clicking unknown links.
The incident reflects a broader trend in the crypto sector, where phishing and social engineering attacks are driving significant losses. Security firm Hacken reported that such attacks accounted for $306 million in losses during the first quarter of 2026, highlighting how attackers increasingly target user behavior and platform design gaps rather than attempting direct system intrusions.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
GlassWorm Malware Plants 73 Sleeper Extensions in OpenVSX to Steal Crypto Wallets
Gate News message, April 28 — Security researchers have identified 73 malicious extensions planted by GlassWorm malware in OpenVSX's registry, with six already activated to steal developers' cryptocurrency wallets and credentials. The extensions were uploaded as fake copies of legitimate listings, w
GateNews2h ago
Crypto Hacks Have Stolen $17.1 Billion Over Past Decade Across 518 Incidents
Gate News message, April 28 — Cumulative losses from crypto hacks over the past decade have reached $17.1 billion across 518 incidents, according to ChainCatcher data.
The past five years accounted for $15.2 billion in losses from over 450 incidents, while the past year saw approximately $2.5 billi
GateNews10h ago
AI-Powered Crypto Scam Drains Senior's $300K Retirement Savings; FBI Reports $11B in Crypto Fraud Losses for 2025
Gate News message, April 28 — Kyle Holder, a 73-year-old from New York, lost her entire $300,000 retirement savings to an AI-driven crypto investment scam that began in December 2024. After responding to an unsolicited WhatsApp message advertising a crypto investment course, she was connected with s
GateNews11h ago
French Authorities Indict 88 Over Surge in Violent Crypto 'Wrench Attacks'
Gate News message, April 28 — French authorities have indicted 88 people following a surge in violent crypto-related kidnappings known as "wrench attacks." Named after a popular xkcd webcomic, wrench attacks involve criminals using violence, intimidation, or confinement to compel crypto holders to r
GateNews11h ago
ZetaChain Pauses Cross-Chain Transactions After Smart Contract Attack
Layer 1 network ZetaChain has paused cross-chain transactions on its mainnet after identifying an attack on its GatewayEVM contract, according to The Block. The incident impacted only internal ZetaChain team wallets, with no user funds affected, the team stated. According to DefiLlama data, $300,000
CryptoFrontier12h ago
SUNX Issues Warning Against Fraudulent Impersonation and Phishing Schemes
Gate News message, April 28 — Derivatives trading platform SUNX released an official statement warning against counterfeit platforms impersonating the brand. According to the announcement, fraudsters have recently been using unofficial Chinese translations such as "孙克斯" (Sunke Si) and "森克斯" (Senke S
GateNews13h ago
