Robinhood Phishing Attack Exploits Gmail’s “Dot Alias” Feature to Forge Official Emails and Lure Users into Logging In
According to Cointelegraph, Robinhood users have recently been targeted by a phishing campaign. Attackers combined two things: Gmail's handling of periods (".") in the local part of an address, which Gmail ignores so that jane.doe@gmail.com and j.a.n.e.doe@gmail.com are the same inbox, and a weakness in Robinhood's account creation process that did not treat such variants as the same mailbox. They registered Robinhood accounts under dotted variants of their targets' Gmail addresses, so Robinhood's own mail server delivered account alert emails containing phishing links straight to the victims' inboxes. Cybersecurity researcher Alex Eckelberry noted that these emails pass SPF, DKIM and DMARC authentication checks; that is expected, because the messages genuinely originate from Robinhood's sending domain, and those checks verify the sending domain, not the intent of the content.
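The missing check the attack depends on is a canonicalisation step before the signup uniqueness test: an address must be reduced to the form that identifies its mailbox, and then compared. The Python below is an added illustration of that check, not Robinhood's code; the AccountRegistry class, the function names and the sample addresses are constructed for this example. It goes slightly beyond the article by also folding Gmail's "+tag" suffixes and the googlemail.com alias, which reach the same inbox in the same way.

```python
"""Canonicalise Gmail addresses before an account-uniqueness check.

Gmail delivers mail for any dotted variant of a local part (and any "+tag"
suffix) to one inbox, so a signup flow that compares raw strings will create
a second account whose notification mail lands in someone else's mailbox.
Added example; the registry and sample addresses are constructed, not real.
"""
import re

# Assumption for this example: only Google's domains are treated as
# dot-insensitive and "+tag"-aware. Other providers keep dots significant.
GOOGLE_DOMAINS = {"gmail.com", "googlemail.com"}

_ADDR_RE = re.compile(r"^([^@\s]+)@([^@\s]+\.[^@\s]+)$")


def canonical_email(addr: str) -> str:
    """Return the form of `addr` that identifies its mailbox."""
    m = _ADDR_RE.match(addr.strip())
    if not m:
        raise ValueError(f"malformed address: {addr!r}")
    local, domain = m.group(1), m.group(2).lower()
    if domain in GOOGLE_DOMAINS:
        # Drop "+tag", remove every dot, fold case, unify the domain alias.
        local = local.split("+", 1)[0].replace(".", "").lower()
        if not local:
            raise ValueError(f"empty local part after canonicalisation: {addr!r}")
        domain = "gmail.com"
    else:
        # Dots stay significant elsewhere; folding case is the conservative
        # choice for a uniqueness check (more collisions, never fewer).
        local = local.lower()
    return f"{local}@{domain}"


def same_inbox(a: str, b: str) -> bool:
    """True when both addresses are expected to deliver to one mailbox."""
    return canonical_email(a) == canonical_email(b)


class AccountRegistry:
    """Signup store that refuses a second account for an already-used mailbox."""

    def __init__(self) -> None:
        self._by_mailbox = {}  # canonical form -> address as entered

    def register(self, addr: str) -> bool:
        key = canonical_email(addr)
        if key in self._by_mailbox:
            return False  # this inbox already owns an account
        self._by_mailbox[key] = addr
        return True

    def owner(self, addr: str):
        return self._by_mailbox.get(canonical_email(addr))


def demo() -> dict:
    """Replay the scenario: a victim signs up, then an attacker tries variants."""
    reg = AccountRegistry()
    return {
        "victim": reg.register("jane.doe@gmail.com"),                 # accepted
        "dot_variant": reg.register("j.a.n.e.d.o.e@gmail.com"),       # rejected
        "plus_tag": reg.register("janedoe+alerts@googlemail.com"),    # rejected
        "other_domain": reg.register("janedoe@example.com"),          # accepted
        "other_domain_dots": reg.register("jane.doe@example.com"),    # accepted: distinct mailbox
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:18s} {'accepted' if accepted else 'rejected'}")
```

A raw-string uniqueness check would have accepted the dot variant and the "+tag" form, and every alert Robinhood then sent for those accounts would have arrived, fully authenticated, in the victim's inbox.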
Robinhood stated that the incident does not involve any breach of its systems or customer accounts, and that user funds and personal information remain unaffected. It urges users to delete such emails and to avoid clicking any suspicious links.