According to the indictment, Otukelu, 25, and Edwards, 24, both of Houston, conspired to carry out a scheme to defraud DoorDash, Inc. (DoorDash) by fraudulently obtaining wages of independent contractors, called “Dashers,” who made deliveries for the delivery service.

As part of this scheme, the co-conspirators allegedly obtained the personal identifying information of Dasher victims; falsely impersonated the Dasher victims to DoorDash support; took over Dashers’ existing online accounts; created new, unauthorized accounts using Dashers’ personal information; and directed payments of Dasher wages from DoorDash to accounts controlled by Otukelu and Edwards.

The indictment further alleges that the defendants used the stolen funds to pay for and attempt to pay for goods and services, including vehicles, airline tickets, cosmetic procedures, and personal training.

The indictment alleges that Otukelu and Edwards stole the DoorDash wages of at least 138 individual Dashers, amounting to over $1 million.

  • catloaf@lemm.ee
    link
    fedilink
    English
    arrow-up
    17
    ·
    22 days ago

    How the fuck did this give them access to, on average, over seven thousand dollars per account compromise?

    • JWBananas@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      22 days ago

      They sign up for an account as a customer, and they order something really cheap, e.g. a salt packet from McDonald’s or a sauce packet from Taco Bell.Then when a Dasher accepts the delivery offer, they call the Dasher.

      DoorDash masks phone numbers on both ends by proxying through their own phone bank. So when they call the unsuspecting Dasher, the caller ID on the Dasher’s end says “DoorDash.”

      Then they impersonate Dasher support. They claim to the Dasher that the order they are attempting to pick up was placed fraudulently and will need to be cancelled. They claim that the Dasher will still be paid for their trouble but that they will need to check their text messages for a link.

      Then they use the link to phish the Dasher’s account credentials. And they instruct the Dasher to forward their 2FA code as well, despite the text message literally saying that nobody will ever ask for that code.

      It’s been happening for years. New Dashers fall for it all the time.

      It says they also fraudulently created new accounts as well. They likely turned around and “rented” those accounts out to additional victims. There is a black market for account rentals for those who, for whatever reason (e.g. background check, driving record, citizenship status) can’t be approved for one on their own.

    • rc__buggy@sh.itjust.works
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      22 days ago

      Makes you wonder how much DD is keeping vs. passing on to the workers. If this number is correct and it truly was just “wages” then there must have been more accounts.

  • Beacon@fedia.io
    link
    fedilink
    arrow-up
    16
    arrow-down
    1
    ·
    22 days ago

    Lowest of the low. You have to be a truly terrible person to steal money from hard working low-paid people