With the recent data breach at Robinhood, customers can now expect that a phishing attack is coming their way.
As reported on Bleeping Computer, the Robinhood data is now reported to be for sale for $10k+ on hacker forums. Samples of the data were posted by the forum poster and are considered to be authentic.
Robinhood had already confirmed the breach and it is inevitable that the data is for sale somewhere.
What Happened?
Robinhood reported a hack on November 8, 2021, and data was taken from their servers:
Email addresses for approximately five million users
Full names for a different group of approximately two million people
Several thousand phone numbers
Text entries that Robinhood is continuing to analyze.
In an updated statement, Robinhood said it does not believe that Social Security numbers, bank account numbers, or debit card numbers were taken. They also believe that, so far, no financial loss has been reported. With the data for sale, scammers will buy it and attempt to inflict those financial losses on Robinhood customers through phishing attempts.
Here's What the Phishing Emails Will Look Like
With the data for sale, the best chance a scammer has to phish a user is to impersonate a service provider that the customer already knows and trusts. In this case, about five million Robinhood users can expect Robinhood-branded emails that are fake.
Robinhood Phishing Emails—Get Ready For These
In a data breach like this, the scammer who buys the email addresses will put in a lot of effort to replicate the Robinhood design and to make it look like it is legitimate.
Here's what the phishing emails will look like.
Here's How to Beat Fake Robinhood Emails
In the example above, there are still two warning signs of a scam—identifying these will always keep you safe:
The sender's email address.
The links.
1. Always Check the Sender's Exact Domain
Robinhood states on their website that they will send you emails from:
If you're a Robinhood user, never trust anything that is not from @robinhood.com exactly.
2. Never Click On Links
Robinhood and many other companies rightly suggest never clicking on any links, including links from their authentic emails.
Always open the app or go to the website directly.
Links in phishing emails are used to redirect you to an imposter website, which is the critical part of a phishing attack. If you always ignore links then you cannot be phished.
In the example above, you can see that the body of the email has a link. This must be avoided to stay safe, even if you think you should trust the domain.
Warning: It Might Be Very Convincing
The scammers who purchase the Robinhood data from the hacker will look to make the most of their investment and deliver the most convincing phishing attempts possible to Robinhood users.
This will mean buying a convincing domain to send emails from (sending from @gmail.com or @yahoo.com won't cut it).
At the time of publishing, there were many domain names containing variations of the word 'Robinhood' for sale.
Unfortunately, there were even domains for sale which could be acquired and which would be extremely convincing, like the domain "robinhood.security" which is for sale on GoDaddy.
It would be very easy to glance at an email from an address at robinhood.security and think it was legitimate.
It is not.
If the scammers did this, would all five million people who are about to be targeted detect an address at robinhood.security as a fake?
Probably not.
So just choose to never click on ANY links from Robinhood emails.
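The two checks the article recommends, the exact sender domain and the presence of links, can be automated. The following is an added example written for this page, not code from the article or from Robinhood. It parses a constructed sample message (not a real phishing email), extracts the sender's domain, classifies it as the exact trusted domain, a lookalike that merely contains the brand name (such as robinhood.security or robinhood.com.evil.example), or something else, and lists every link host in the body. The trusted domain comes from the article; the lookalike heuristic, the character-substitution table and the sample message are my assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# The only sender domain the article says to trust, exactly.
TRUSTED_DOMAIN = "robinhood.com"
BRAND = "robinhood"

# Constructed sample message (not a real phishing email). It imitates the
# lookalike-domain scenario the article describes.
SAMPLE_EMAIL = """\
From: Robinhood Support <support@robinhood.security>
To: customer@example.com
Subject: Action required: verify your account
Content-Type: text/plain

We detected unusual activity. Please confirm your identity here:
https://robinhood.security/verify?u=12345
Or visit https://robinhood.com.evil.example/login
"""


def sender_domain(from_header: str) -> str:
    """Return the lowercase domain of the address in a From header ('' if none)."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ""
    return addr.rsplit("@", 1)[1].lower().rstrip(".")


def _normalize(domain: str) -> str:
    """Undo common look-alike substitutions (assumed table) so 'r0binh00d'
    still matches the brand; dots and hyphens are dropped too."""
    table = str.maketrans({"0": "o", "1": "i", "3": "e", "5": "s", "-": "", ".": ""})
    return domain.translate(table)


def classify_domain(domain: str) -> str:
    """'exact' for the trusted domain, 'lookalike' for any other domain that
    contains the brand name after normalization, else 'other'.
    Subdomains such as mail.robinhood.com are deliberately NOT 'exact',
    matching the article's rule of trusting @robinhood.com only."""
    if domain == TRUSTED_DOMAIN:
        return "exact"
    if BRAND in _normalize(domain):
        return "lookalike"
    return "other"


URL_RE = re.compile(r"https?://[^\s<>\"']+")


def link_hosts(body: str) -> list:
    """Hostnames of every http(s) URL in the body, in order of appearance."""
    hosts = []
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname
        if host:
            hosts.append(host.lower())
    return hosts


def analyze(raw: str) -> dict:
    """Run both checks over a raw RFC 822 message string."""
    msg = message_from_string(raw)
    domain = sender_domain(msg.get("From", ""))
    hosts = link_hosts(msg.get_payload())
    return {
        "sender_domain": domain,
        "sender_verdict": classify_domain(domain),
        "links": [(h, classify_domain(h)) for h in hosts],
        # The article's rule: any link is a reason not to click, even on the
        # right domain, so the mere presence of links is reported.
        "has_links": bool(hosts),
    }


if __name__ == "__main__":
    for key, value in analyze(SAMPLE_EMAIL).items():
        print(f"{key}: {value}")
```

Run as a script, it prints the sender verdict ("lookalike" for the sample) and each link host with its own verdict. Note that a lookalike verdict is a heuristic only; a plain domain like example.org that carries no brand name is reported as "other", which is why the article's rule of never clicking links is the simpler defense.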
We wrote about some safety tips, including the necessity of setting up 2FA for Robinhood, in this article. Enabling 2-factor authentication for your Robinhood account will ensure that hackers won't be able to access your account even if they have your username and password.
Trust no one. Click on nothing. Change your password and enable 2FA immediately.