Reports of a “Security Alert” Phishing Scam

Roblox · April 17, 2025, 11:52pm

Creators,

We have been notified of a phishing scam impersonating Roblox Security Alert. This fraudulent email directs users to a fake “Reset Password” page asking for the following information:

Old Password
New Password
Confirm New Password

This page mimics the Roblox recovery flow and may even display your Roblox account’s username and avatar to make the phishing attack appear more convincing.

If you did not receive the email or did not fill out the form with your information, such as your username and password, there is no risk to your account, and no further action is required from your side.

If you did submit your information through the phishing link, please follow the steps below:

Change your Roblox account password
- See the Help Center article.
If you are unable to change your password, please contact Roblox Support for assistance.

For more information on how to keep your account safe, please visit our Help Center.

Thank you.

system · April 18, 2025, 12:06am

This topic was automatically opened after 15 minutes.

Lonegwadiator · April 18, 2025, 12:18am

Same method as last time, bad actors utilizing past RDC data breaches to target high-profile accounts.

YawnMcie · April 18, 2025, 12:25am

Always remember to personally go to the Roblox website yourself and change the password from there. Don’t trust an email link to do it for you.

Alternatively, you can always mark the contact no-reply@roblox.com as trusted/VIP so you know if the sender is genuine or not.

adudu21 · April 18, 2025, 2:18am

For any user experiencing this, i recommend trying to set up a filter that automatically deletes emails/puts emails in a special folder “Unknown” if you are unaware of the domain.

For example, @roblox.com would be trusted but if its from another domain that is not within the trusted list, it deletes it or puts it in an “Unknown” folder.

shaurya6654 · April 18, 2025, 3:49am

This is why you must always check the url before clicking it if it says anything other than roblox.com its probably a phishing link

Rythian2277 · April 18, 2025, 8:59am

The phishing emails have taken up using subdomains which seem like they should be owned by Roblox, such as @noreply-roblox.com

13_5G · April 18, 2025, 9:50am

Also that email has a verified checkmark on gmail. If it doesn’t then i guess it could be a scam

round_63 · April 18, 2025, 11:43am

Yeah, but phishing verified checkmarks are possible. So it’s better to mark the email instead of relying on checkmarks.

Lonegwadiator · April 18, 2025, 5:38pm

Such breaches IIRC are on HIBP, feel free to check if your email is on there

I have no idea how else they’d get the email addreses of top roblox developers.

NobleReign · April 18, 2025, 11:11pm

glad i saw this post before checking my email today, i got one from an @accounts-roblox.com
thank you for posting these advisories cause they really do help a lot

update 2025-04-20T07:00:00Z: just got one from a @mailbox.org?? and it didnt get flagged as spam but i can tell it’s fake so this is weird

mq5v · April 19, 2025, 12:05am

classic scam attempt, fake emails, im surspriseied it still works on people

TheGrimDeathZombie · April 19, 2025, 12:51am

If they make it look convincing enough then most people who aren’t as technically inclined or scam-aware won’t even doubt it is real unless they notice the email address or some other oddity with the email.

JJGAMEPLAY1234 · April 19, 2025, 1:44am

Hey Creators,

Thanks to Roblox for the heads-up! Phishing scams are getting smarter every day — this one is especially dangerous because it mimics the official password reset flow and shows your real username and avatar

If you got a sketchy email pretending to be a Roblox Security Alert, don’t click anything and double-check the sender. Only trust emails from no-reply@roblox.com.

Reminder to everyone:

Never enter your password outside of the official Roblox site.
Enable 2-step verification.
Use strong, unique passwords.

We’re all part of this creative community — let’s protect each other by staying informed and reporting suspicious stuff

Stay safe out there, and keep building awesome things!

Q_Q · April 19, 2025, 2:06am

I received this email but I was surprised it was sent to an email address (an email address exclusive for one account) which isn’t contained in the RDC invite breaches. Even checked it with haveibeenpwned. Kinda unsettling with the prospect that there may have been a potential breach recently.

Here’s a snapshot of what it looks like to be on alert for:

From the whois domain info, it was registered recently. Allegedly they thought about 2fa and the fake site may attempt to detect if an account has it enabled in order to deceive victims for input of a recovery/authenticator code to “reset” their password.

0MPXD · April 19, 2025, 9:49am

I also got false “Security Alert”, but my mail provider flagged it as spam, it was from noreply@accounts-roblox.com. The domain is already down.

TheReal4Cedar123 · April 19, 2025, 10:51am

This was looked into, most of the users aren’t even on the RDC breach list

TheReal4Cedar123 · April 19, 2025, 10:52am

There was never a public website, it only got used for the emails

The domain is still active

Lonegwadiator · April 19, 2025, 6:00pm

I don’t think it makes sense for them to be targeting random Robloxians.

I also saw this on a seperate related article.

It would make the most sense for them to be targeting developers.

GaelPaws · April 20, 2025, 6:29pm

I’ve created an email just for Roblox, and have never used it in any other website, and I got one of the scam emails.
There must have been a databreach on Roblox’s end that hasn’t been disclosed.