Melbourne – Restaurant owners are being warned about a new email scam in which fraudsters impersonate DoorDash, demanding sensitive personal and business information under the guise of security verification. The emails claim that fraudulent activity has been detected in the merchant’s DoorDash portal, which is allegedly causing issues with their payouts.
The fraudulent email uses an official-looking DoorDash logo and contains a highly convincing message:
Email Message:
“Dear _ _ Restaurant Team,
We hope this message finds you well. We are reaching out to inform you that we have detected some fraudulent activity within your merchant portal due to which we are facing issues while depositing your further payouts within your merchant portal associated with your DoorDash account. To ensure the security of your account and to comply with our verification protocols, please respond back to this email to confirm this request is legitimate and provide the following details within 3 days:
•Certificate of Incorporation
•Beneficial Owner’s Personal ID (passport, national ID, recommended driving license) (front and back) (JPG, PNG – no scanned copies allowed)
•Proof of Address (such as utility bills, bank statements, or credit card statements)
•Registered DoorDash Number
Please note that if you do not provide these documents within the specified timeframe, we will have to take necessary actions, which may include deactivating your store, pausing pending payments, and preventing further orders from being received.”
Upon closer inspection, the sender’s email address is revealed as support@doorshdash.services—a clear attempt to mimic the legitimate DoorDash domain, doordash.com. The scammers’ objective is to obtain sensitive documents such as incorporation certificates, personal IDs, and bank details, which could be used for identity theft, fraud, or other criminal activities.
DoorDash has confirmed that they never request such information via email and have alerted restaurant partners to the scam. They remind partners to verify communications through official channels and to report any suspicious emails immediately.
Warning Signs:
•Urgent requests for personal and business-critical information.
•Threats to block payments or deactivate the store if the information is not submitted within a short timeframe.
•Suspicious email addresses not originating from the official doordash.com domain.
Restaurant owners are advised to stay vigilant, carefully check the sender’s address, and never provide sensitive information through unsolicited emails.
