How to Identify & Report Scams

Phishing is a common way scammers try to trick you into giving them personal information such as an account username and password, verification codes, Social Security number, or other personal information. Phishing attempts come via email, where scammers use different social engineering tactics to impersonate reputable senders like the IRS, your bank, or brokerage firm.

Other social engineering attempts may take the form of fake websites made to look like your applications such as Robinhood, text messages, social media messages and profiles, phone calls, or postal letters pretending to be Robinhood. When successful, these scammers can gain access to important accounts such as your email or bank accounts; this can result in identity theft, financial loss, or both.

1. The sender’s email domain (the web address that comes after the @ symbol): While the sender name may say “Robinhood”, the email domain should be an authentic Robinhood domain.

• Authentic domain examples:
  • @robinhood.com
  • Shareholder-specific communication: @proxydocs.com, @proxypush.com, @prospectusdocs.com
• Fraudulent domain examples:
  • @robinh00d.com, @gmail.com, @yahoo.com

2. Language: Look out for typos, grammatical mistakes, awkward language, or missing words or spaces.

3. Links: Instead of clicking on links or buttons within emails, log in to the Robinhood app or Robinhood.com directly. Links in phishing emails could direct you to a fake website asking for sensitive information such as your username and password, account information, or Social Security number.

4. Downloads & attachments: Phishing emails may include attachments claiming to be a 1099 tax document or other important files. These frequently contain malware that can infect your device. Be especially wary of .zip, .exe, .doc files.

5. Fake prizes or gifts: Scammers may also contact you with attractive offers for free stock or other enticing deals to lure you in. Always be careful when clicking on links in social media messages, text messages, and emails that you don’t expect or recognize—especially if they sound too good to be true. On social media, Robinhood will only share updates and general information using our verified Robinhood social media handles.

• Only download and use the authentic Robinhood app available in the Google Play store and Apple App Store
• From your computer, only sign on from Robinhood.com to access your account and download items, like your tax forms
• On social media, only interact with Robinhood via our verified Robinhood social media handles
• Only request phone support from Robinhood by logging in and requesting a callback in our app—at this time, we do not have a direct dial phone number

If you encounter any suspected scams via email, text message, phone calls, websites, or social media, report these to reportphishing@robinhood.com. Please note: this email address is for reporting suspected phishing scams only. You will not receive a response from our team.

Help us investigate with the right information:

• Email: Include full email headers. See how to do that here
• Text message: Screenshot the message and include the number that contacted you
• Phone call: Include the phone number from the call and share as much detail as possible
• Websites and social media accounts: Send the full URL or handle and how you found it (such as through a search, a direct message, etc.)

Reporting suspected scams helps our team identify and take down these sites and thwart attacks—your report helps protect you and other customers too.

If you’ve shared your Robinhood credentials with anyone else, you use the same password for a different account online, or you have another concern about your account’s security:

1. Review the devices which have accessed your account by going to Account > Settings > Your Devices in the app. Manually review and remove any devices you don’t recognize or no longer use.

2. Change your password immediately. A strong password contains at least 10 characters, includes uppercase and lowercase letters, numbers, and symbols—and is one you don’t use for any other app or service or share with anyone.

3. Enable Two-Factor Authentication (2FA). 2FA helps protect your account by requiring two sources of verification to sign into your account: something you know (your password) and something you have (a one-time code). Every time you log in or make changes to your account, you’ll be prompted for a verification code. This step helps protect your account, even if someone knows or guesses your password.

Contact Robinhood Support immediately at report@robinhood.com or request a call from a live agent within the Robinhood app if you notice any unusual logins or if you see activity you don’t recognize.

For more tips on how to help keep your account secure, visit our Help Center.

How you’re protected at Robinhood

Test your knowledge with Google’s Phishing Quiz

Guidance on phishing from the FTC

Still have questions? Contact Robinhood Support

By clicking a third-party URL or hyperlink, you’ll be accessing a third-party website. No monitoring is being performed of the information contained on the third-party website. Robinhood Markets, Inc. and its affiliates are not responsible for the information contained on the third-party website or your use of or inability to use such site and do not guarantee its accuracy or completeness.