Scams Targeting Gig Workers: What Every Uber, DoorDash, and Delivery Driver Needs to Know

You're mid-delivery when your phone buzzes. The text looks like it's from DoorDash support: "Unusual activity detected on your account. Verify your identity to avoid deactivation." There's a link. You're worried about losing access to your income. You tap it, enter your login credentials, and within minutes someone else is logged into your account, accepting orders, and redirecting your earnings.

Gig workers are uniquely vulnerable to scams because the platforms they depend on — Uber, DoorDash, Lyft, Instacart, Amazon Flex — operate almost entirely through digital communication. When something goes wrong, the platform texts you, emails you, or sends an in-app notification. Scammers know this, and they've built an entire industry around impersonating these platforms to steal driver accounts, redirect earnings, and harvest personal information.

The fraud intelligence firm Sift found that hackers targeted roughly one-fifth of accounts on food delivery apps. A Tech Transparency Project investigation identified over 80 Facebook groups with more than 800,000 collective users where stolen or rented Uber and DoorDash driver accounts were openly bought and sold. And CNN reported that these black market accounts allow people to bypass background checks and driver's license requirements entirely — creating real safety risks for both workers and customers.

Here are the scams targeting gig workers right now, and how to protect your account and your income.

The Deactivation Phishing Scam

This is the most common attack targeting gig workers. You receive a text, email, or even a phone call claiming to be from the platform's support team. The message says your account has been flagged for suspicious activity, that a complaint has been filed, or that your account will be deactivated unless you verify your identity immediately.

The link goes to a fake login page that looks identical to the real platform. Once you enter your credentials, the scammer has full access to your account. They can change your bank information, redirect your earnings, accept orders under your name, and lock you out.

Some versions of this scam come as fake ride or delivery requests. You accept the order, and the "customer" calls claiming to be from corporate — they say there's a problem with the request and need to verify your account information to fix it. Uber and Lyft have made this harder to execute by limiting the information visible during a request, but scammers continue to adapt.

The rule: Uber, DoorDash, Lyft, and other platforms will never ask for your password through text, email, or phone. If you get a message about your account, open the official app directly — don't click any links in the message.

Tip Baiting

Tip baiting is when a customer places a large tip on their order to attract a driver, then removes or reduces the tip after delivery. Some platforms show estimated earnings including tips before you accept a delivery, which makes this tactic particularly effective — you accept the order expecting $20 and end up making $3.

This isn't technically a scam in the legal sense, but it's a deceptive practice that directly affects your income. Multiple delivery platforms — including DoorDash and Instacart — have faced criticism for allowing customers to modify tips after delivery. Some workers on Walmart's Spark platform reported widespread tip baiting throughout 2024 and 2025.

The best defense is to track your actual earnings against estimated earnings over time. If a particular delivery type or area consistently shows tip reduction, adjust your acceptance strategy accordingly.

Account Theft and Black Market Sales

Stolen gig worker accounts are a commodity. The Tech Transparency Project found Facebook groups where active Uber, DoorDash, and Deliveroo accounts were rented for as little as $50 per week or sold outright. These accounts let unauthorized individuals bypass background checks and work under someone else's identity.

For the real account holder, the consequences are severe: you may find orders on your account that you never completed, earnings redirected to a bank account you don't recognize, or your account deactivated for "policy violations" you never committed. In some cases, the unauthorized driver commits a crime while using your identity, creating legal exposure for you.

Protect your account the same way you'd protect a bank account. Use a strong, unique password — generate one with the password generator at ScamSecurityCheck.com. Enable two-factor authentication. Never share your login credentials with anyone, regardless of what they offer to pay.

Fake Earnings and "Boost" Scams

Scammers target gig workers through social media groups and messaging apps with promises of higher earnings, "guaranteed" bonus activation, or access to premium order queues. They may claim to have an inside connection at the platform or a software tool that increases your delivery radius or tip amounts.

These schemes typically ask for your login credentials (to "activate" the boost), an upfront fee, or access to your account settings. The result is always the same: account compromise, money lost, or both.

No third party can legitimately increase your earnings on a gig platform. If someone offers this, they're selling a scam.

How to Protect Yourself

Never share your login credentials with anyone. Not a fellow driver, not someone claiming to be support, not someone offering to help with your account. Your credentials are the keys to your income.

Enable two-factor authentication. This is available on most major gig platforms and ensures that even if someone gets your password, they can't log in without access to your phone.

Verify all communications through the official app. If you receive a text about account activity, open the app directly and check your account status there. Don't click links in texts or emails claiming to be from the platform.

Monitor your earnings and account activity regularly. Check your earnings page, completed deliveries, and bank deposit details at least weekly. If you see orders you didn't complete or deposits to an account you don't recognize, contact support immediately and change your password.

Be cautious in Facebook groups and forums. While driver communities can be helpful, they're also where scammers recruit victims. Be skeptical of anyone offering account boosts, guaranteed earnings, or tools to game the platform's algorithm.

Report suspicious messages. Forward phishing texts to 7726 (SPAM). Report fake profiles and groups to the social media platform. File a report with the FTC at ReportFraud.ftc.gov if you've lost money.

Driving for a gig platform? Test your account password at ScamSecurityCheck.com/password-strength-tester — if it's weak or reused, change it today before someone else logs in.