Fake Uber Account-Takeover and Unauthorised Rides Scam
Scammers phish Uber credentials to take over accounts, then use stored payment methods to book rides or Uber Eats orders, leaving real account holders with fraudulent charges.
Last reviewed: 7 June 2026
Uber accounts with stored payment methods are an attractive target for credential theft. Once an attacker gains access to an Uber account, they can book rides to any location, place Uber Eats orders, or sell account access to others — all charged to the victim's card on file without their knowledge.
The attack typically starts with a phishing email or text impersonating Uber, claiming that the account has been flagged for unusual activity, a recent trip needs to be verified, or a new device sign-in was detected. The goal is to direct the recipient to a fake Uber login page.
Uber's genuine security notifications are delivered through the Uber app's notifications panel and by email from @uber.com. Real notifications invite the user to review activity inside the app — they do not ask users to enter passwords through external links.
How this scam works on the Uber brand
Uber phishing emails often reference a specific recent trip (which may be a real trip if scammers have access to partial data from a breach, or a fabricated trip designed to alarm). The email claims a charge dispute or a verification step is needed and provides a 'Secure My Account' link leading to a fake sign-in page.
After capturing credentials, attackers change the account recovery phone number or email address to lock out the real owner. Charges for rides in distant cities or for high-value Uber Eats orders then appear on the victim's linked payment card.
Another variant uses social engineering directly through the Uber app: a driver calls the passenger claiming to be lost and asks the passenger to share a one-time passcode they just received 'so I can verify your pickup'. That code is an Uber two-factor authentication code that lets the attacker take over the account.
Common red flags
- An email claiming to be from Uber arrives from an address that does not end in @uber.com
- A trip-verification or security link in the email leads to a domain that is not uber.com
- A driver calls and asks you to read aloud a one-time verification code you just received by text
- You notice rides or Uber Eats charges in your app history that you did not make
- Your Uber account password or recovery information has been changed without your action
- An email references a recent trip with details that do not match any journey you actually took
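The first two red flags can be checked mechanically by a mail filter or a help-desk triage script. The sketch below is an added example, not Uber's own tooling: the function names and the sample message are constructed for illustration, and treating subdomains of uber.com (such as help.uber.com) as genuine link targets is an assumption.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlsplit

BRAND = "uber.com"  # the domain the page names for genuine Uber mail and links

def sender_is_uber(from_header: str) -> bool:
    """True only if the address part (not the display name) ends in @uber.com."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower() == BRAND

def link_is_uber(url: str) -> bool:
    """True if the host the browser would contact is uber.com or a subdomain."""
    # urlsplit().hostname drops any "user@" prefix, so "uber.com@other.example"
    # resolves to other.example, which is where the request would really go.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return host == BRAND or host.endswith("." + BRAND)

def red_flags(from_header: str, body: str) -> list[str]:
    """Return the domain-related red flags found in one message."""
    flags = []
    if not sender_is_uber(from_header):
        flags.append("sender not @uber.com")
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        if not link_is_uber(url):
            flags.append(f"off-brand link: {url}")
    return flags

# Constructed sample message; the .example domains are placeholders.
SAMPLE_FROM = "Uber Security <alerts@uber.com.trip-verify.example>"
SAMPLE_BODY = (
    "We flagged unusual activity on a recent trip.\n"
    "Secure My Account: https://uber.com.trip-verify.example/login\n"
    "Help: https://help.uber.com/\n"
)

if __name__ == "__main__":
    for flag in red_flags(SAMPLE_FROM, SAMPLE_BODY):
        print(flag)
```

Comparing the parsed host, rather than searching the text for "uber.com", is what catches addresses and links that merely contain the brand name.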
How to protect yourself
- Enable two-step verification on your Uber account in the App menu > Account > Security
- Never read a one-time verification code aloud to a driver or anyone who contacts you — Uber will never ask for this
- Check your Uber trip history regularly under Activity in the app and report any trips you did not take
- If your account was taken over, contact Uber Support immediately through the app: Help > Account > I think my account has been hacked
- Use a strong, unique password for your Uber account and do not reuse it on other services
How to report it
- Report account compromise directly in the Uber app: Help > Account > I think my account has been hacked
- Report phishing emails to Uber via their Help section at help.uber.com
- Report to the FTC at reportfraud.ftc.gov
- Contact your bank to dispute unauthorised charges and ask for a card replacement
Frequently asked questions
A driver asked me for my verification code. Should I give it?
No. This is a well-documented social engineering technique to hijack your Uber account. The code is an authentication factor — sharing it gives the fraudster access to your account. Hang up and report the driver in the app.
I see rides I did not take on my Uber account. What do I do?
Report each fraudulent trip through the Uber app under Activity. Then immediately change your Uber password, enable two-step verification, and contact your card issuer to dispute the charges.