Scammers Keep Targeting Empty Robinhood Accounts — Here's Why
A Robinhood user wonders why fraudsters keep trying to hijack a zero-balance account. Experts say even empty accounts have hidden value.
A Robinhood account holder is raising alarms after persistent attempts by an unknown scammer to change the email address linked to their brokerage account — even though the account holds no money. The user told MarketWatch they had simply been ignoring the intrusion attempts, describing the fraudsters as "relentless," but security experts warn that dismissing such activity could be a costly mistake.
Even an account with a zero balance carries significant value on the criminal underground. Verified brokerage accounts — ones that have already passed identity checks and are linked to real personal information — can be sold or exploited to commit future fraud, launder money, or serve as a staging ground for larger financial schemes once funds are deposited. The account itself, not the current balance, is the commodity.
Read more Buy Now, Pay Later Shifts to Essentials as Late Payments Rise →
The tactic also opens the door to what security professionals call account-takeover fraud. Once a scammer successfully swaps the email address, they effectively own the account and can lock out the legitimate holder, redirect any future deposits, or use the verified identity to open linked accounts elsewhere. The personal data attached to a brokerage profile — Social Security numbers, bank account links, tax records — makes these accounts far more dangerous to lose than a streaming service login.
Robinhood and similar platforms have faced sustained criticism over the years for customer-service gaps that make it difficult for victims to quickly reclaim compromised accounts. Security researchers broadly recommend that brokerage users enable multi-factor authentication, use a unique email address not linked to other services, and set up alerts for any account changes — regardless of whether the account holds a balance.
If you receive unsolicited notifications about email or password change requests you did not initiate, treat it as an active breach attempt and contact the platform immediately rather than ignoring it. Continue reading at MarketWatch.com