Working in a restaurant, we deal with delivery platforms like Uber Eats all the time, so it’s normal to get calls related to orders, account issues, or updates. Because of that, it can be really easy to trust something that sounds legit.
Recently, we had a situation where someone called the restaurant pretending to be Uber Eats support. They said there was an issue with our account and that they needed to verify it. During the call, they tried to get an access code that was sent to our email.
What was the purpose?
The goal of this scam was to gain access to our Uber Eats account. If they got that code, they could’ve:
-
Logged into our account
-
Changed payment or banking information
-
Potentially redirected payouts or caused issues with orders
Basically, they were trying to take control of the account.
How did it work?
The scam was actually pretty convincing:
-
They introduced themselves as Uber Eats support
-
They created urgency by saying there was an issue that needed to be fixed right away
-
They triggered a real access code to be sent to our email
-
Then they asked us to read that code back to them
Because the code was real and came from Uber, it made the situation feel legitimate—but in reality, they were trying to use that code to log into our account.
How could I tell it was fake?
There were a few big red flags:
-
Uber Eats normally doesn’t call asking for login verification codes
-
They were pushing for the code immediately
-
They didn’t provide clear details about the “issue”
-
Asking for a verification code is a huge sign of a scam
Once we realized what was happening, we stopped the call and did not share the code.
How others can avoid this
If you ever run into something like this, here’s what to do:
-
Never share verification codes – No real company will ask for them
-
Pause and question urgency – That pressure is intentional
-
Log in directly yourself – Check for issues without going through the caller
-
Train your team – Make sure everyone knows not to give out codes or sensitive info
Conclusion
This experience showed me how easy it is for scams to blend into everyday business operations. Since we use Uber Eats regularly, it didn’t seem unusual at first. But knowing that no company should ever ask for a verification code helped us catch it before anything happened. Staying aware and taking a second to think can protect both you and your business.
Honestly this is kind of scary because I feel like I would’ve trusted it too. The fact that the code actually comes from Uber makes it seem super legit. I didn’t realize scammers could trigger real verification codes like that. It’s crazy how they use something real to trick you into giving them access
I know, that’s exactly what made it feel real in the moment. Seeing an actual code come through makes you think everything checks out, but really they’re just trying to log in on their end. It definitely made me more aware of how careful you have to be, even when something looks legit.
I think the part about urgency is really important. Anytime someone is rushing you or saying something needs to be done immediately, it usually means something is off. Especially in a work setting where things are already busy, it would be really easy to just go along with it without thinking too much.
Yes exactly. That pressure is what gets people. When you’re in the middle of a rush, you don’t want to deal with a “problem,” so it’s easy to just listen and move on. That’s why taking even a second to pause and question it makes such a big difference.
I like how you explained how it actually works step by step. I didn’t realize that giving out a code could basically give someone full access to your account. That’s honestly something I probably wouldn’t have thought twice about before reading this
Thank you!! I didn’t fully realize how much access that code gives either until this happened. It seems like such a small thing, but it can lead to a lot bigger problems. Definitely changed how I look at those messages now.
The tips at the end were really helpful, especially about training your team. I feel like a lot of the time only managers think about stuff like this, but realistically anyone answering the phone could be put in that situation. It’s something everyone should know.
That’s such a good point. It really can be anyone who answers that call, not just managers. That’s why it’s important that everyone knows the basics, like never giving out codes. It protects the whole team, not just one person.