Jimmy Quach had been working part time as an Uber Eats delivery driver in Albuquerque, N.M., for two months when he was scammed out of his earnings.
After a customer canceled a Taco Bell order, he received a phone call from a person claiming to be Uber support. The person asked him to log out of his account, send a photo of himself for verification purposes, and type in a bank account number as a payment method in the Uber Eats app.
Quach followed the instructions and lost the $337.36 in his account. That was in April. When he asked Uber for his money back, the giant ride-hailing company said no.
“We determined that there was no evidence to suggest that your account was compromised,” a representative from Uber Greenlight’s Account Security and Risk team told him in an online chat, a screenshot of which was seen by MarketWatch.
Jimmy Quach does deliveries for Uber Eats in Albuquerque, N.M.
But after MarketWatch contacted Uber in June to ask about the incident, Quach received a message from a different representative, who said she was from Uber’s Priority Support.
“I understand that someone illegitimately accessed your account,” she said. The representative apologized “for the length of time it took to receive your stolen earnings,” and Quach got his money back.
“What happened to this driver is frustrating and appears to be the result of a scam by a third-party bad actor,” an Uber spokeswoman told MarketWatch.
Getting scammed made Quach wary of doing deliveries for a bit, but he said he has since tried again when he has free time while going to trade school to be an electrician. “I just want to make sure that fellow drivers are aware of the types of scams that can be done by people who claim to be good,” he said.
Quach and some other app-based delivery workers for companies like Uber Technologies Inc.
Instacart and Just Eat Takeaway’s
Grubhub have something in common: They have found that the systems the companies put in place don’t necessarily keep their earnings safe from bad actors. And while some have been able to get their hard-earned cash back, many of them have lost money, reflecting the fragility of their positions as part of the gig economy.
Drivers for the big gig companies are considered independent contractors and receive neither direct supervisors nor training, making it tough for them to navigate dealing with customers as well as the platforms’ different third-party partners, from restaurants to grocery stores to the companies that issue debit cards in which their earnings are deposited. With a lack of institutional protections, these workers are often in a vulnerable spot, making them a target of phishing scams, impostor scams or, in at least one case, a scam that may have been perpetrated by a member of their own household.
MarketWatch talked with about a dozen app-based delivery workers in at least six different states, and contacted many more who told their stories online about how they lost their earnings in scams, hacks or other ways. MarketWatch also obtained, through a Freedom of Information Act request, nearly 300 records of complaints to the Federal Trade Commission in the past three years by Uber, DoorDash, Instacart and Grubhub workers around the nation who said they lost their earnings — or in some cases everything in their bank accounts — because they turned over personal information to people whom they thought were support representatives.
In addition, MarketWatch reviewed hundreds of similar tales in worker forums on Reddit, in Facebook groups and elsewhere, even as the companies say such cases are rare.
Academics who study gig work said it is almost impossible to independently quantify the scope of the problem because the companies tend to hold their data close, and are loosely regulated, if at all.
“It’s kind of a recipe for some sad experiences for workers,” said Shelly Steward, director of the Future of Work Initiative at the Aspen Institute.
A DoorDash delivery person rides a bike in New York City.
‘Are you sure you’re working?’ For three years, Sameer Sharma had been performing DoorDash deliveries smoothly, but in 2021 he began to notice a drop in the earnings he was receiving, which didn’t seem to match the number of hours he was working. As more time passed, DoorDash deposits into his bank account completely stopped.
“My wife asked, ‘Are you sure you’re working?’” Sharma told MarketWatch last August. He contacted DoorDash support and waited for someone to do something about his complaints, but continued to do deliveries in the San Francisco Bay Area for a couple of more months. It was his only source of income, and he said he thought it would all be straightened out and he would eventually be paid.
But his earnings never started flowing again into his bank account. Money got so tight that Sharma said he, his wife and their three kids had to move in with his in-laws because they were evicted from their apartment. At one point, there were as many as 15 people living in that house, he said.
His wife, Rajni Sharma, said the financial situation for their family became precarious.
“I was using all the stimulus money,” she said, adding that eventually she was “transferring money from our savings accounts for my daughters just to survive.”
Sharma eventually obtained a job, where he is considered an employee, last year. But once he received his 1099 tax form from DoorDash at the end of January, he and his wife realized the math didn’t add up. There was a $9,000 difference between what DoorDash reported as Sharma’s total earnings for the year, nearly $23,000, and what was actually deposited into their bank account. The Sharmas shared their bank statements from last year with MarketWatch.
As he struggled for months to find out why he wasn’t seeing his earnings in his bank account, Sharma said he contacted DoorDash support more than a dozen times from August 2021 through October 2021. He said he was promised someone would get back to him, but his issue was not prioritized by the company until several months later, after MarketWatch contacted DoorDash. A DoorDash spokesman acknowledged that the investigation and resolution process can sometimes be lengthy.
What Sharma said he thinks happened is that someone opened a debit card in his name and diverted his earnings to that card. The DasherDirect debit card, issued by DoorDash partner PayFare Inc.
enables delivery workers to be paid daily instead of weekly. Sharma said he did not apply for the card and had no idea he had such an account, though when he was asked to check the app, he said he was surprised to see the card show up in his account.
A DoorDash spokesman told MarketWatch that the person who opened the PayFare account had to have access to Sharma’s phone and email, because two-factor authentication had been activated. The head of customer support at PayFare said she investigated the matter and determined that whomever had the debit card spent nearly all of the thousands of dollars Sharma was missing. There was only $1.08 remaining on the card.
After conversations with DoorDash, PayFare and MarketWatch, Sharma said he suspected somebody in his household probably intercepted the physical debit card that PayFare said was mailed to him. With Sharma’s permission, PayFare shared details of the debit-card transactions with him and MarketWatch. The transactions occurred in the same geographic area where he and his family live, and totaled more than $9,000. PayFare determined there was nothing to refund to Sharma.
“It’s not fair for anyone to be treated this way, especially when you work hard,” he said in May. “Now I have to figure out who did it — that’s the hard part.”
One thing he does know: “I’m done with gig work. I have my kids to think about.”
An Instacart shopper at a ShopRite in New Jersey.
A mysterious paper note and phone number The companies say phishing or impostor scams have been around for a long time. An Uber spokeswoman said the scams are evolving as the company continues to update security controls. A DoorDash spokesman said the company is “constantly working to improve our defenses.”
Also among the preventive measures Uber, DoorDash and Instacart tout is two-factor authentication, but scammers are getting around that by persuading gig workers to give up their personal information.
One of the most common scams involves workers getting a phone call from a person claiming to be an Uber, DoorDash, Instacart or Grubhub support representative while they’re on a delivery or shopping trip. Somebody places an order through the app — usually for a small or single item — as a way to connect to the delivery worker, then proceeds to try to extract information from them.
Scammers also try to contact workers in other ways. Online gig-worker forums are teeming with questionable offers to help get workers reactivated after they have been deactivated, or kicked off the platform. The solicitations usually include a link or a phone number.
And sometimes scammers get other parties involved. A DoorDash worker out of Port St. Lucie, Fla., who asked to remain anonymous, told MarketWatch that in March she tried to pick up an order from a Five Guys restaurant, but the workers there said she had to call DoorDash support first so the order could be released to her. A phone number was written on a piece of paper and taped next to the checkout counter. She said she tried calling the number but there was no answer, yet the order was released to her anyway because the restaurant workers recognized her. She tried calling the number later, and returned to the restaurant to inform the workers that the person who answered tried to get her to share personal information and even threatened her with deactivation. She said she did not fall for the scam.
The manager of that Five Guys, Curtis Jones, told MarketWatch he’s not sure who put the phone number up. Jones said the restaurant workers removed the phone number from the counter after a few DoorDash workers came back to say it was not really for DoorDash support, and that at least one delivery worker told them he fell for the scam and lost his earnings.
A few complaints received by the Federal Trade Commission in the past three years, which the agency noted are unconfirmed, describe similar instances of delivery workers finding a number to call when they arrived at certain restaurants to pick up customers’ orders.
Of 271 FTC complaints MarketWatch obtained and examined, about 64% were by Uber Eats workers, 18% were by DoorDash workers, 16% were by Instacart workers and 2% were by Grubhub workers. The complaints came from all over the nation, with about 23% from California and 15% from New York.
Many of the complainants, whose names and identifying information were redacted, urged the FTC to act to hold the gig companies responsible, or to help the workers recoup their stolen earnings — which some of them said totaled hundreds or thousands of dollars.
“[I’m] getting hopeless day by day, that’s a lot of money which I tried to work to pay off my debt during this hard time,” one person who claimed to be a DoorDash driver from Long Beach, Calif., said in an August 2020 complaint that detailed a loss of “$1,001.87, the amount I worked for the whole week.”
Another complainant, who claimed to be an Uber Eats driver in Dallas, told of being called by a person impersonating Uber support and fooled into sharing personal information, including a Social Security number. The scammer “was able to get into my Uber Account and change my last name from [redacted] to [redacted] so that I won’t be able to cash out any of my potential earnings since it doesn’t match my banking details,” the driver said in the complaint filed in August 2021. The driver added: “I have reported this to Uber, but please know that Uber has been VERY DIFFICULT with resolving this issue. They don’t seem like they even want to help me with this.”
The FTC would neither confirm nor deny any actions it is taking related to the complaints.
Uber, DoorDash, Instacart and Grubhub said they regularly warn workers — when they sign up to work, by email, in their apps or in earnings statements — about possible scams. That includes informing them that the companies do not call or text to ask delivery workers to share their personal information, they said. They urge workers to contact them via app, the companies’ websites or by phone when they encounter suspicious issues or other problems. Spokespeople for Uber and Grubhub said the companies place holds on accounts that they suspect have been compromised.
The companies also said they have dedicated support teams to handle worker issues, including teams that focus on cases of fraud. None of the gig companies contacted by MarketWatch would disclose how many scammed workers they have reimbursed.
Gig workers fear deactivation from platforms Elena Christina Menz, a shopper for Instacart in the Twin Cities area of Minnesota, said she recently fell for a scam by someone who impersonated Instacart support.
She was juggling two different orders, known among Instacart workers as a “double batch.” At the same time, Menz received a call from a man who told her there was a security issue with one of her customers. He asked her to log off her account, then uninstall and reinstall her app. When she logged back on, her account had been emptied.
“I’m the queen of watching for scams, and I don’t know how I fell for this,” Menz said. “They catch you in the process when you’re just trying to get things done quickly.”
Menz said she didn’t try to get her money back because there was less than $25 in her account at the time. She was more worried about her shopper rating because having those two canceled orders counted against her.
“These gig jobs with the ratings — they’re very bad,” Menz said. But with six kids and a husband who wasn’t working due to a medical issue, plus a struggling cleaning business that has been decimated by the pandemic, she needed a source of income and was worried about being “fired.”
“‘They catch you in the process when you’re just trying to get things done quickly.’”
— Elena Christina Menz, a gig worker for Instacart
According to an Instacart spokeswoman, if shoppers can prove they were deactivated for reasons beyond their control, their appeals will be approved and they will be reinstated.
The fear of deactivation was a common thread among the delivery workers contacted by MarketWatch.
A DoorDash delivery worker in San Francisco, who asked to be identified only as Dante, said he was scammed out of about $400 by someone he thought was a company support representative.
“With DoorDash, there’s always a looming threat of deactivation,” he said. “When it’s your main source of income, you feel this pressure.”
He said the scammer “was well-spoken” and sounded “highly irritated… It sounded like I was in trouble.” Dante followed a link the scammer provided to what looked like an official DoorDash website, he said, which allowed the scammer to steal his login credentials.
When he contacted DoorDash support to report that money was missing from his account, he did not tell the company he surrendered his personal information to the scammer. He said he then got his money back “surprisingly” quickly, within a couple of days, but DoorDash told him it would only happen that one time.
A DoorDash spokesman said, “Dashers are ultimately responsible for protecting their own personal information and we may not provide multiple payments if [it is] determined a Dasher has contributed to any loss or fraud.”
Two delivery drivers for Uber Eats, who have yet to recover earnings that they claim were stolen as part of a phishing scam, recently posted about their experiences on Reddit, but did not want to share more details with MarketWatch. One said he was afraid of retaliation, such as getting deactivated. The other wrote back that all he wanted to say was, “tell Uber to fix their support team. They are absolutely useless.”
‘The algorithm is their manager’ Gig-work scholars said key aspects of the gig economy contribute to the persistence of the problem of workers losing their earnings.
Generally, delivery workers pull up an app on their phones, decide whether they want to accept an order and head to a restaurant or store. They sometimes communicate with the customer in app, or by phone or text, but do not usually have a lot of direct contact with other delivery workers.
Katie Wells, a postdoctoral research fellow at Georgetown University who studies the Washington, D.C., gig economy, said that because app-based workers are so “atomized” — they’re spread out and work apart from one another — they are unlikely to have the chance to ask their peers about how to handle certain aspects of the job. They don’t have supervisors to consult, either.
“They don’t have a boss… the algorithm is their manager,” she said. “That makes them more susceptible” to these types of scams.
Delivery workers being tricked or cheated out of their earnings is “another example of why it’s a problem that there’s no regulatory oversight of this workplace,” Wells added.
Steward, of the Aspen Institute, agreed: “When workers run into any sort of problem, we have heard of many stories of them not being able to get a hold of anyone.”
Because the gig companies have many different partners, delivery workers may also be confused about who’s responsible for what.
There’s also a lot of turnover in gig work. New delivery workers are signing on all the time and may or may not be paying attention to all the fine print that includes warnings about guarding their information.
Steward said employees — but not gig workers — usually get training and IT support.
“In my job, if there’s anything suspicious, there’s someone to call,” she said. “These workers have none of that. They’re absorbing all the risk.”