Don't Fall For These DoorDash Scams

Throughout the COVID-19 pandemic, food delivery services like DoorDash, Uber Eats, Grubhub, and Postmates saw significant growth as many dine-in services at restaurants were put on hold and take-out became a premium commodity. According to Business of Apps, DoorDash is the current leader of this convenient customer service model in the US, and they are said to have pioneered the platform. What sets them apart? DoorDash founder and CEO Tony Xu considers the company to be quite logistical, providing a seamless option to food-centric businesses that otherwise would not have a delivery option.

While it's extremely convenient to get that late-night McDonald's craving delivered straight to your door, the online nature and lack of face-to-face interaction when using the app creates vulnerability to data breaches and leaks. Per LifeLock, DoorDash customers were the victim of a massive data breach in 2019 that comprised the personal and financial information of 4.9 million customers.

And there are other DoorDash scams to be aware of when ordering through the app — or even if you are one of the contractors doing the deliveries.

These are common DoorDash scams

According to Make Use Of, smishing scams are one of the dangers of using apps like DoorDash. Per AARP, smishing — similar to phishing emails — is the "practice of stealing personal or financial information through deceptive communications ... namely text messages on mobile devices." Since the data breach in 2019, which included DoorDash customer's information like phone numbers, some users have reported receiving texts about a food order that they never actually placed, leading them to click a link to verify account information where hackers are able to collect full financial details.

Ridester shares that email phishing is similarly a common way that scammers acquire information. The culprits will send emails to users, disguised as DoorDash, prompting them to log in to their account and take a survey with the promise of money off future orders. While the website looks like DoorDash, it's actually a third party site that harvests personal information.

Within the past couple of years, people in Canada and the US have also seen random charges in their accounts from DoorDash, according to Blog To, even if they don't have or use the app. Customers lost hundreds of dollars on deliveries they didn't order or DashPass memberships they didn't purchase.

Caution should also be paid when receiving a DoorDash order. Hackers have also gained access to data like personal addresses — one homeowner in Ohio called police after a sizable group came to her home for a DoorDash delivery she did not place, per KUTV

DoorDash drivers are affected by these scams too

While driving for DoorDash offers immense flexibility and the potential for earning as much or as little as each driver wants, and on their own schedule, contractors are also susceptible to these scams. Some drivers have not been paid for their deliveries and have had money taken from them due to hackers. Protocol explained how it works: A scammer will place an order that a DoorDash worker will accept. The Dasher then receives a phone call from the person pretending to be a DoorDash support representative that informs the driver that the order has been cancelled, or there is an issue with the driver's app, and then asking for their login information to correct it. Hackers will then change the driver's direct deposit information and immediately cash out earnings.

GigLaunch shares that DoorDash has since made changes to their instant cash policies to counteract the problem, but it's still possible for scammers to take earnings in other ways. So, it's ideal to remain cautious when placing or delivering an order through meal delivery apps to ensure your information is kept safe.