# New Doordash Scam - I Got Hacked! Don't Be Next!



## Haanjo (Nov 10, 2016)

First off, I should have seen this from a mile away, but man this guy was good! So here is the scam - and its very convincing!

1. You will get a call from Doordash support from someone with an accent, while you are on your way to a pickup. Chances are this will be late Sunday night...hours before Doordash transfers money to your bank via the weekly withdrawal.

2. The scammer will tell you to pull over and tell you that the run you are on has been cancelled, but they will reimburse you for time, and add $10 to your account.

3. The scammer will tell you to double check your Doordash app to show you that the order has been cancelled.

4. The scammer will then send you two codes via text message and email that you verify.

5. The scammer may tell you something about your account that only you would know. In my case, it was that the ride that was just cancelled does not count to the ride bonus - in my case the scammer correctly mentioned that I was on run 12 of 13.

6. You will then be sent a text message or email from Doordash that asks you to input your Doordash Red Card Number and your Doordash password.

7. If you have done this, the scammer now has your Doordash password and has probably hacked your phone as well.

8. If your Doordash password is the same password for any other accounts you have, that means the scammer has the passwords to these accounts as well. 

I only knew I had been hacked because I checked my email about half an hour later and noticed that Doordash sent me an email indicating my bank information had changed and that I should contact them immediately if I did not make the change. Then it hit me...I opened the Doordash app and saw that my bank account information had changed.

When you call Doordash support, they may be kind of clueless. I had to tell the rep several times to cancel my Red Card because it had been compromised. You also have to tell the rep to reset your password, which they will send you a link to do, since there appears no place to do that in the app. You also need to change any other passwords that are the same as your Doordash password, as the scammer now has those.

Like I said, the scammer has either hacked your phone and can see your screen, which explains why they could verify what run I was on for the bonus...

So BEWARE!


----------



## Paladin220 (Jun 2, 2017)

Nothing new about this scam. It has been around for years on all platforms. Sorry you fell for it. Don't ever give out passwords for any account - under no scenario ever does any company need your password....they already have it.


----------



## Seamus (Jun 21, 2018)

*New OLD Doordash Scam - I Got Hacked! Don't Be Next!*


----------



## Seamus (Jun 21, 2018)

Paladin220 said:


> Don't ever give out passwords for any account -


Exactly!

No matter how many times it's said this continues to happen because there is always someone who hasn't heard this before.

Although we get tired of saying it, it bears repeating. If anyone who is new is reading this know there are people who for years find ways on Uber, Lyft. DD, GH, UE, Instacart etc.etc. that try to scam you to take over your account and steal your money. UNDER NO CIRCUMSTANCES, no matter how real it seems, should you ever give your account password (or ANY information) to anyone. There are numerous variations of different stories to get your info. Don't do it.


----------



## FLKeys (Dec 27, 2018)

Don't use the same password at multiple places. Come up with a password formula so you can have unique passwords for each site and still remember them.

Here is an example: 

Pick two 4-5 letter words that you can easily remember. Lets use Frog and Shoe. These will be the base for your passwords.
Now we need individual websites to finish our password.

Lets start with UberPeople.net, there are two words in the sit name Uber & People. You will use the number of words and the first letter of each word in your password.


Password will start with lowercase u for Uber the first letter of the first word in the website name: *u*
Followed by first word you picked with a capital first letter: *Frog*
Followed by the number of words in the website name Uber People: *2*
Followed by a character, the character is generated by the number of words as a start and the moved over that many spots. 2 words is @ (shares the same button as 2 on the key board) move over 2 places to the right and you are at 4 or the $ symbol: *$*
Followed by your next 4 letter word with a capital first letter: *Shoe*
Followed by a lowercase p for People the first letter in the last word in the website name: *p*
UberPeople.net = uFrog2$Shoep

Bank of America = bFrog3^Shoea
Chase Bank = cFrog2$Frogb
Ford Credit = fFrog2$Shoec
Uber = [email protected]

Come up with your own formula and start using it. When a website requires you to change your password after so long it can throw a wrench into the formula. I have found most personal websites don't require routine password changes. Business websites will often require changes every so often from 30 days to 90 days.

I also use LastPass to store my passwords. It has very high ratings.


----------



## Rickos69 (Nov 8, 2018)

Seamus said:


> Exactly!
> 
> No matter how many times it's said this continues to happen because there is always someone who hasn't heard this before.
> 
> Although we get tired of saying it, it bears repeating. If anyone who is new is reading this know there are people who for years find ways on Uber, Lyft. DD, GH, UE, Instacart etc.etc. that try to scam you to take over your account and steal your money. UNDER NO CIRCUMSTANCES, no matter how real it seems, should you ever give your account password (or ANY information) to anyone. There are numerous variations of different stories to get your info. Don't do it.


How about you live dangerously and expand your advise to include any and all apps or sites that may contain personal sensitive information?


----------



## Alltel77 (Mar 3, 2019)

It's a old scam but most likely it's current employees working at these outsourced call centers working within, with former employees or outside sources providing info basically a ring. One bank I worked for was via BPO many of the agents were stealing customer card numbers , doing pin resets and all this other crap, ironically the outsourced department these agents worked in was the fraud dept. The bank terminated the contract with the BPO (it was here in the US) outsourced more jobs offshore and consolidated roles. It's really nothing new though.


----------



## BestInDaWest (Apr 8, 2021)

these people exist because it works....I would tell people to be smarter but you cant fix dumb


----------



## ColonyMark (Sep 26, 2019)

I’m sorry that happened to you. The biggest red flag for me would have been when they said they would give me $10. It’s hard enough getting the $3 compensation from DD


----------

