{“lastseen”:”2025-10-15T18:53:46″,”description”:”A short while ago, our friends at Malwaretips wrote about a text scam impersonating Robinhood, a popular US-based investment app that lets people trade stocks and cryptocurrencies. The scam warns users about supposed \u201csuspicious activity\u201d on their accounts.\\n\\nAs if to demonstrate that this phishing campaign is still very much alive, one of our employees received one of those texts.\\n\\n\\n\\n\\u003e \u201cAlert!\\n\\u003e \\n\\u003e Robinhood Securities Risk Warning:\\n\\u003e \\n\\u003e Our automated security check system has detected anomalies in your account, indicating a potential theft. A dedicated security check link is required for review. Please click the link below to log in to your account and complete the security check.\\n\\u003e \\n\\u003e Immediate Action: https:\/\/www-robinhood.cweegpsnko[.]net\/Verify\\n\\u003e \\n\\u003e (If the link isn’t clickable, reply Y and reopen this message to click the link, or copy it into your browser.)\\n\\u003e \\n\\u003e Robinhood Securities Official Security Team\u201d\\n\\nAs usual, we see some red flags:\\n\\n * **Foreign number:** The country code +243 belongs to the Democratic Republic of the Congo, not the US, where the real Robinhood is based.\\n * **Urgency** : The phrase \u201cImmediate Action\u201d is designed to pressure you.\\n * **Fake domain:** The URL that tries to look like the legitimate robinhood.com website.\\n * **Reply:** The instructions to reply \\”Y\\” if a link isn’t clickable are a common phishing tactic.\\n\\n\\n\\nBut if the target follows the instructions to visit the link, they would find a reasonably convincing copy of Robinhood’s login page. It wouldn\u2019t be automatically localized like the real one, but nobody in the US would know the difference. Logging in there hands the scammers your Robinhood login credentials and allows them to clean out your account.\\n\\nAccording to Malwaretips, some of the fake websites even redirected you to the legitimate site after showing the \u201cverification complete\u201d message.\\n\\nThey also warned that some scammers will try to harvest additional personal data from the account, including:\\n\\n * Tax documents\\n * Full name\\n * Social Security Number (if on file)\\n * Bank account information\\n\\n\\n\\n## How to stay safe\\n\\n**What to do if you receive texts like these**\\n\\nThe best tip to stay safe is to make sure you\u2019re aware of the latest scam tactics. Since you\u2019re reading our blog, you\u2019re off to a good start.\\n\\n * **Never reply to or follow links** in unsolicited tax refund texts, calls, or emails, even if they look urgent.\\n * **Never share** your Social Security number or banking details with anyone claiming to process your tax refund.\\n * **Go direct.** If in doubt, contact the company through official channels.\\n * **Use an up-to-date real-time anti-malware solution**, preferably with a web protection component.\\n\\n\\n\\n**Pro tip: **Did you know that you can submit suspicious messages like these to Malwarebytes Scam Guard, which instantly flags known scams?\\n\\n**What to do if you clicked the phishing link**\\n\\n * Change your Robinhood password\\n * Enable two-factor authentication (2FA) if you haven’t already.\\n * Contact Robinhood support through the official support channels.\\n * Report the scam to Robinhood and other relevant authorities.\\n\\n\\n\\n## Indicators of compromise (IOCs)\\n\\nwww-robinhood.cweegpsnko[.]net\\n\\nwww-robinhood.fflroyalty[.]com\\n\\nrobinhood-securelogin[.]com\\n\\nrobinhood-verification[.]net\\n\\n* * *\\n\\n**We don ‘t just report on threats – we help safeguard your entire digital identity**\\n\\nCybersecurity risks should never spread beyond a headline. Protect your\u2014and your family’s\u2014personal information by using identity protection.”,”published”:”2025-10-15T15:42:57″,”modified”:”2025-10-15T15:42:57″,”type”:”malwarebytes”,”title”:”Scammers are still sending us their fake Robinhood security alerts”,”source”:””,”references”:””,”id”:”MALWAREBYTES:4944D7CCC25A2DE3E42AE54FB17C9A9C”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2025\/10\/scammers-are-still-sending-us-their-fake-robinhood-security-alerts”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-10-15T18:53:46″,”description”:”A short while ago, our friends at Malwaretips wrote about a text scam impersonating Robinhood, a popular US-based investment app that lets people trade stocks…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-21951","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n