< Account Security
Help Center > My Account & Login > Account Security

How to Identify & Report Scams:

Tip

If you ever suspect there’s unauthorized activity on your account, Contact Robinhood Support immediately.

Phishing is a common way scammers try to trick you into giving them personal information such as an account username and password, Social Security number, or other personal information. Phishing attempts come via email where scammers use different social engineering tactics to pose as a reputable sender like the IRS, your bank or brokerage firm. Similar social engineering attempts may take the form of a phone call, postal letter or text message. When successful, these phishing scammers can gain access to important accounts such as your email or bank accounts and can result in identity theft, financial loss, or both.

How to spot phishing:

identifyingscamsimage

  1. The sender’s email domain (the web address that comes after the @ symbol): While the sender name may say “Robinhood”, the email domain should be an authentic Robinhood domain:
  • Authentic domain examples: @robinhood.com. Shareholder-specific communication: @proxydocs.com, @proxypush.com, @prospectusdocs.com
  • Fraudulent domain examples: @robinh00d.com, @gmail.com, @yahoo.com
  1. Language: Look out for typos, grammatical mistakes, awkward language, or missing words or spaces.

  2. Links: Instead of clicking on links, login to the Robinhood app or Robinhood.com directly. Links in phishing emails could direct you to a fake website asking for your sensitive information, such as your username and password, account information, or Social Security number.

  3. Downloads & Attachments: Phishing emails may include attachments claiming to be a 1099 Tax document or other important files. These frequently contain malware that can infect your device. Be especially wary of .zip, .exe, .doc files.

  4. Fake prizes or gifts: Scammers may also contact you with attractive offers for free stock or other enticing deals to lure you in. Always be careful when clicking on links in text messages and emails that you don’t expect or recognize—especially if they sound too good to be true.

Robinhood Support will never do the following:

  • Ask you for your account password or Two-Factor Authentication (2FA) code
  • Send you text messages with links in them
  • Ask you to send money. Never send money to anyone claiming to be from Robinhood. Scammers can use any means to do this typically through third party payment or messaging apps
  • Ask for non-Robinhood account credentials
  • Request that you download remote desktop access software

Steps to help you stay safe:

  • Only download and use the authentic Robinhood app available in the Google Play store and Apple App Store
  • From your computer, only sign on from Robinhood.com to access your account and download items, like your tax forms

Take Action:

Report suspected phishing scams to: ReportPhishing@Robinhood.com. Please note: this email address is for reporting suspected phishing scams only. You will not receive a response from our team.

Help us investigate with the right information:

  • Email: Include full email headers. See how to do that here
  • Text Message: Screenshot the message and include the number that contacted you
  • Phone Call: Include the phone number from the call and share as much detail as possible
  • Websites, Social Media accounts: Send the full URL or handle and how you found it (ie. through search, a direct message, etc.)

Reporting phishing helps our team identify and take down these sites and thwart attacks. Your report will help protect you and other customers too.

If you’ve shared your Robinhood credentials with anyone else, you use the same password for a different account online, or you have another concern about your account’s security:

  1. Check to see what devices have accessed your account by going to Account>Settings>Your Devices in the app. Individually remove any you don’t recognize.

  2. Change your password immediately. It should be 10 or more characters in length with a mix of uppercase and lowercase letters, numbers and symbols) and only used for your Robinhood account.

  3. Enable Two-Factor Authentication with an Authenticator App Contact Robinhood Support immediately at Report@robinhood.com if you notice any unusual logins or if you see activity you don’t recognize.

For even more tips on how to help keep your account secure and to learn account security best practices, visit our Help Center.

Tip

Scammers will target accounts that can be used to reset passwords or receive 2nd factor codes, so it’s critical to use strong security practices across all of your online accounts—especially for the email account associated with your Robinhood account and your phone provider (ex: AT&T, Verizon, T-Mobile, etc).

  1. Use strong and unique passwords for your email and phone provider accounts. A strong password should be 10 or more characters in length with a mix of uppercase and lowercase letters, numbers and symbols and only used for each account.

  2. Enable Two-Factor Authentication ideally with an Authenticator app.

Want to learn more?

How you’re protected at Robinhood

Try out your knowledge trying Google’s Phishing Quiz

Additional guidance on phishing from the FTC

Still have questions? Contact Robinhood Support

By clicking a third party URL or hyperlink, you’ll be accessing a third party website. No monitoring is being performed of the information contained on the third party website. Robinhood Markets, Inc. and its affiliates are not responsible for the information contained on the third-party website nor your use of or inability to use such site and we don’t guarantee its accuracy and completeness.

Reference No. 20210429-1625678-4874200
Still have questions? Contact Robinhood Support