Hey developers!
This is a friendly reminder on how to keep your account secure. Lately, we have been investigating reports of fake Roblox phishing links directing users off-platform. Phishing is when an attacker sends a fake message attempting to trick a user into sharing important account or personal information. As an important reminder, you are one of the best defenses your account has. Be cautious, be safe and make sure to remember these important tips:
-
Never click on links or give your Roblox login credentials on sites you do not recognize. When you log in, ensure you are logging into Roblox by verifying the URL in your browser (see the attached image). Roblox platform links will always start with www.roblox.com (not www.roblox.com.tz or any other variation).
-
Do not click on any links or give credentials to any site advertising free or discounted Robux.
-
If you ever receive an email from an account that looks like Roblox, check if the sender email address is “@roblox.com”. If it is not an “@roblox.com” email address, you can contact our Customer Support team at www.roblox.com/support to check or alert them to a suspicious email.
-
Never share your screen with others while you enter or change any login credentials.
-
Roblox moderators and Customer Support will never ask for your password, 2 Step Verification code, screen share or use of a 3rd party app/browser extension to access your system, so do not share with anyone requesting this information.
Add additional layers of security to keep your account secure:
- Turn on Authenticator 2 Step Verification by going to Account Settings > Security
- Passwords should be a mix of special characters, numbers, and lowercase/uppercase characters that is longer than at least 15 to 25 characters. They should also be unique (ie. not “password123” or “abcdefg”).
- Consider utilizing a password manager so you never have to reuse passwords.
Remember to follow these tips even if a message is coming from a friend or friendly face. If a family or friend’s account is compromised, phishers can use that connection to phish or gather more information about you. If you would like to learn more about this, check out this article: Keep Your Account Safe - Roblox.
Regards,
Developer Relations Team