{"id":"2048606874854097242","url":"https://x.com/rockkdev/status/2048606874854097242","text":"New Robinhood phishing chain that's kinda beautiful:\n\n1. Attacker creates an RH account using the Gmail dot trick of your email (same inbox, different address)\n2. Sets device name to HTML\n3. RH's \"unrecognized activity\" email renders the device name unsanitized (html injection)\n\nThe result is a real email from noreply@robinhood.com, DKIM pass, SPF pass, DMARC pass, with a phishing CTA\n\nJust because it's real, doesn't mean it's safe... $HOOD","author":{"name":"Abdel","username":"rockkdev","avatarUrl":"https://pbs.twimg.com/profile_images/2047798132512276480/lbyDbhu6_200x200.jpg"},"createdAt":"Mon Apr 27 03:35:14 +0000 2026","engagement":{"replies":179,"retweets":368,"likes":3817,"views":2970589},"media":{"photos":[{"url":"https://pbs.twimg.com/media/HG4cn3fbYAEKIpT.jpg?name=orig","width":1460,"height":770},{"url":"https://pbs.twimg.com/media/HG4c64YbQAAiWgK.jpg?name=orig","width":2628,"height":1264},{"url":"https://pbs.twimg.com/media/HG4c8I_bQAAwRHY.jpg?name=orig","width":916,"height":1150}],"videos":[]},"adhxContext":{"savedByCount":1,"publicTags":[],"previewUrl":"https://adhx.com/rockkdev/status/2048606874854097242"}}