Fake Robinhood Trade Confirmation Phishing Scam
Scammers send fake Robinhood trade confirmation emails claiming the user's account was just used to buy or sell securities, using alarm to drive clicks on a credential-harvesting login page.
Part of: Fake Order Confirmation Phishing Scams
Last reviewed: 8 June 2026
Robinhood sends trade confirmation emails for every executed order — buy, sell, options exercise, or dividend reinvestment. These emails follow a consistent format and are familiar to active traders. Criminals replicate this format precisely, fabricating trade confirmations for large or unusual transactions (such as a $5,000 purchase of a penny stock or a full liquidation of the user's portfolio) and sending them to Robinhood users whose email addresses were exposed in data breaches.
The psychological trigger is acute: an investor who sees a large unauthorised trade in their portfolio will react immediately and emotionally. The urgency causes them to click the 'Cancel Order' or 'Contact Support' link before pausing to verify, leading them to a phishing page.
The real Robinhood allows users to cancel certain order types before execution within the app — but this process requires authentication within the actual Robinhood app, not through an email link.
How this scam works on the Robinhood brand
The phishing email closely mimics a Robinhood order confirmation, naming a real stock ticker and a plausible price, along with an order ID and timestamp. The amount is large enough to cause alarm. Two calls to action appear: 'Cancel Order' and 'Contact Support.' Both buttons link to a fake Robinhood sign-in page.
After entering credentials, users are shown a fake 'order successfully cancelled' message and told to log in again to confirm. This second login is a second credential capture. In the background, the scammer uses the first set of credentials to access the real Robinhood account and initiate a genuine transfer.
Some variants reference an options trade with a complex expiry date — designed to confuse the user enough that they focus on logging in quickly rather than analysing whether the trade makes sense.
Common red flags
- You receive a trade confirmation for a purchase you did not make.
- The from-address is not @robinhood.com.
- The link in the email does not go to robinhood.com.
- When you open the Robinhood app directly, the trade confirmation does not appear in your activity.
- The email requests you to enter both your password and an authentication code.
- The 'cancel order' function is presented as an email link rather than an in-app action.
- The trade confirmation shows an account balance significantly different from your actual balance.
How to protect yourself
- Always verify trade activity by opening the Robinhood app directly — do not trust email links.
- Enable push notifications for all Robinhood trades so you see real activity as it happens.
- Enable two-factor authentication on your account using an authenticator app.
- Use a password manager — it will not autofill on a fake domain.
- Know that orders can only be cancelled within the app during the appropriate window — email links are not the real mechanism.
How to report it
- Forward phishing emails to [email protected].
- Report to Robinhood support at robinhood.com/support if your account was accessed.
- File with the FTC at reportfraud.ftc.gov.
- Report to FINRA at finra.org/investors/have-problem/file-complaint.
- File with ic3.gov if funds were moved.
Frequently asked questions
Can I cancel a Robinhood trade via an email link?
No. Order cancellations are done within the Robinhood app during the order-pending window. No email link triggers a real cancellation — this mechanism does not exist in Robinhood.
What does a real Robinhood trade confirmation email look like?
It comes from @robinhood.com, contains the stock ticker, number of shares, execution price, and a link that goes directly to robinhood.com. It does not ask you to enter a password.
I clicked the link and entered my password. What should I do?
Immediately log in to robinhood.com directly and change your password. Review linked bank accounts and recent trades. Enable two-factor authentication if not already active. Contact Robinhood support.