Victims are being scammed through Ubereats-lp.com/task, posing as Uber Technologies Inc. They are tricked into sending significant amounts of cryptocurrency to the scammer’s addresses.

Scam Details:

• Amount Sent (ETH): $108.00
• Transaction Hash: 0x4f327e3f4bad92875fbd25451d6959ce731b9b7af61b5c0879fddc180a12f1c3
• Receiving Address: 0x93efab1454134e79db476a011981a03828d2abe6
• Amount Sent (BTC): $775.00
• Transaction Hash: 6d81cf850779882362c6732f6e94289b792a379ca4b4b2ff7e00696c03872fc0
• Receiving Address: 34WGWqqrwhtfzjzRCYe2KQPrdRZjmBceA2
• Amount Sent (BTC): $1855.00
• Transaction Hash: 2001ccf449dc9be4248943d33a86bbe40fc4810ae1d59ac2288d680ec0edff63
• Receiving Address: 34WGWqqrwhtfzjzRCYe2KQPrdRZjmBceA2

If you have been affected by this scam, please share your story.

Receiving Address Analysis

Victims of this scam have been directed to transfer cryptocurrency to specified addresses. One notable receiving Bitcoin address is 34WGWqqrwhtfzjzRCYe2KQPrdRZjmBceA2. This address has been active on the blockchain with a significant number of transactions. The address has received a total of 0.36716691 BTC, valued at approximately $20,755.85, and has sent out 0.34063761 BTC, valued at $19,256.16, leaving a current balance of 0.02652930 BTC ($1,499.69). Over 56 transactions have been conducted with this address, indicating it is actively used for illicit activities.

In one reported case, the victim transferred 0.01238967 BTC (approx. $775.00) to this address, following a previous transaction of 0.03088557 BTC (approx. $1855.00). These transactions are part of a broader pattern of fraudulent activities.

For Ethereum transactions, the address 0x93efab1454134e79db476a011981a03828d2abe6 has been identified. This address has conducted 284 transactions, receiving a total of 25.634598099127920989 ETH ($76,464.93) and sending 25.63202752808881012 ETH ($76,457.26). Despite the large volume, the current balance is zero, showing that funds are quickly moved out.

Bitcoin Address: 34WGWqqrwhtfzjzRCYe2KQPrdRZjmBceA2

• Current Balance: 0.02652930 BTC ($1,499.69)
• Total Received: 0.36716691 BTC ($20,755.85)
• Total Sent: 0.34063761 BTC ($19,256.16)
• Total Volume: 0.70780452 BTC ($40,012.01)
• Number of Transactions: 56
• Recent Transactions:
• ID: 8540-d691 | Date: 7/04/2024, 15:13:06 | Amount: 0.00162502 BTC ($91.86) | Fee: 48.4K Sats ($27.35)
• ID: 4aba-fd5c | Date: 7/04/2024, 15:05:26 | Amount: 0.00073000 BTC ($41.27) | Fee: 2.5K Sats ($1.43)
• ID: cd33-d764 | Date: 7/04/2024, 13:38:17 | Amount: 0.00529958 BTC ($299.58) | Fee: 1.7K Sats ($0.96)
• ID: 4f5c-5877 | Date: 7/04/2024, 13:18:53 | Amount: 0.00163523 BTC ($92.44) | Fee: 57.1K Sats ($32.30)
• ID: ee63-38da | Date: 7/04/2024, 11:59:06 | Amount: 0.00173810 BTC ($98.25) | Fee: 58.8K Sats ($33.25)
• ID: 0099-1cf0 | Date: 7/04/2024, 10:16:59 | Amount: 0.00173854 BTC ($98.28) | Fee: 75.2K Sats ($42.51)
• ID: 0ef7-1bc2 | Date: 7/04/2024, 09:24:06 | Amount: 0.00189887 BTC ($107.34) | Fee: 72.9K Sats ($41.21)
• ID: 4f3e-bdd3 | Date: 7/03/2024, 18:03:31 | Amount: 0.00157680 BTC ($89.14) | Fee: 62.2K Sats ($35.14)
• ID: db4c-6705 | Date: 7/03/2024, 13:13:53 | Amount: 0.00159567 BTC ($90.20) | Fee: 48.8K Sats ($27.58)
• ID: 60aa-8ef0 | Date: 7/03/2024, 09:38:32 | Amount: 0.00157219 BTC ($88.88) | Fee: 71.7K Sats ($40.53)

Ethereum Address: 0x93efab1454134e79db476a011981a03828d2abe6

• Current Balance: 0.00 ETH ($0.00)
• Total Received: 25.634598099127920989 ETH ($76,464.93)
• Total Sent: 25.63202752808881012 ETH ($76,457.26)
• Total Volume: 51.26662562721673 ETH ($152,922.19)
• Total Fees: 0.002570571039110869 ETH ($7.67)
• Number of Transactions: 284
• Recent Transactions:
• ID: 0xec-d8eb | Date: 7/03/2024, 19:22:35 | Amount: 0.32974453 ETH ($983.59) | Fee: 255.5K Gwei ($0.76)
• ID: 0xb1-5127 | Date: 7/03/2024, 16:07:47 | Amount: 0.33000000 ETH ($984.35) | Fee: 107.5K Gwei ($0.32)
• ID: 0x0a-f408 | Date: 6/28/2024, 16:04:47 | Amount: 0.66137822 ETH ($1,972.81) | Fee: 37.8K Gwei ($0.11)
• ID: 0xaf-4e36 | Date: 6/28/2024, 14:05:11 | Amount: 0.37141600 ETH ($1,107.89) | Fee: 0 Gwei ($0.00)
• ID: 0xf4-32d0 | Date: 6/28/2024, 12:49:59 | Amount: 0.29000000 ETH ($865.04) | Fee: 62.2K Gwei ($0.19)
• ID: 0x9e-b713 | Date: 6/27/2024, 19:25:11 | Amount: 0.49206471 ETH ($1,467.77) | Fee: 119.3K Gwei ($0.36)
• ID: 0x31-7f9f | Date: 6/27/2024, 19:24:11 | Amount: 0.00000000 ETH ($0.00) | Fee: 214.3K Gwei ($0.64)
• ID: 0x53-8eb1 | Date: 6/27/2024, 13:20:47 | Amount: 0.05100000 ETH ($152.13) | Fee: 139.5K Gwei ($0.42)
• ID: 0x45-0cd3 | Date: 6/27/2024, 12:54:59 | Amount: 0.04500000 ETH ($134.23) | Fee: 168.8K Gwei ($0.50)
• ID: 0xb5-f38f | Date: 6/27/2024, 12:39:23 | Amount: 0.00000000 ETH ($0.00) | Fee: 434.2K Gwei ($1.30)

Domain Analysis: Ubereats-lp.com

The fraudulent website ubereats-lp.com was registered on May 31, 2024, and will expire on May 31, 2025. It is registered with Name.com, Inc., a reputable domain registrar, and is currently under the status of “clientTransferProhibited,” which restricts the transfer of the domain to another registrar. This domain is protected by Domain Protection Services, Inc., which is a common practice to maintain the privacy of the registrant’s information.

The registrant’s contact details are listed as PO Box 1769, Denver, CO, with a contact phone number and an email communication link provided through Name.com. The administrative and technical contacts are identical to the registrant’s contact information, which is often the case for domains protected by privacy services.

The website is hosted by Cloudflare, Inc., a well-known content delivery network and DDoS mitigation company. The server’s IP address is 172.67.198.177, located in Toronto, Canada, under the autonomous system AS13335 (CLOUDFLARENET). Using Cloudflare’s services indicates an attempt to enhance the site’s security and performance, although it also complicates efforts to uncover the true hosting location.

Ubereats-lp.com Review

Upon visiting the website, users are greeted with a login page mimicking Uber Eats’ branding, requiring them to enter their account number and password. Another section of the site invites users to create an account by providing personal details such as mobile phone number, username, password, confirmation password, invitation code, and email address. This page is misleadingly titled “Creating innovative revenue channels,” attempting to lure users into believing they can collaborate and expand their business independently.

The terms and conditions outlined on the site include several clauses typical of legitimate services, such as provisions about account creation, intellectual property rights, and termination policies. However, they also include several red flags:

• The terms state that users must complete all app requirements before requesting withdrawal, and any attempt to cancel or reverse an app is prohibited, suggesting a potential tactic to trap users.
• The policy on dishonest acts is vaguely described and contains generic statements about compliance and fraud prevention, which could be an attempt to appear legitimate without providing real substance.

Additionally, the website mentions the possibility of suspending accounts suspected of fraudulent activities but provides no clear process for appealing such suspensions. The privacy policy asserts that personal information is collected within necessary limits and that appropriate security measures are in place, yet admits that no technology is completely risk-free, which can be a disclaimer to avoid liability for data breaches.

Red Flags

1. Newly Registered Domain: The domain was registered recently (May 31, 2024), often a sign of a scam website that may not have been vetted properly.
2. Privacy Protection: While not uncommon, the use of Domain Protection Services to obscure the registrant’s details can also indicate an attempt to hide the identity of the scam operators.
3. Hosting by Cloudflare: Although Cloudflare provides robust security, it also makes it difficult to trace the actual server location, which scammers often exploit.
4. Inconsistent and Generic Content: The terms and conditions and privacy policies contain generic language and lack specific details about the services offered, often used to create a veneer of legitimacy.
5. No Verifiable Contact Information: The contact information provided redirects to a general contact form via Name.com, rather than providing direct and verifiable contact details.
6. Misleading User Interface: The website mimics Uber Eats’ branding but redirects users to pages that solicit personal information under false pretenses.
7. Suspicious Policies: The prohibition on canceling or reversing transactions and the broad criteria for suspending accounts without a clear appeal process are tactics often used to defraud users.
8. Unusual Withdrawal Conditions: The requirement to complete all app processes before withdrawal is a tactic to prevent users from reclaiming their funds easily.

Ubereats-lp.com Reviews

According to ScamAdviser, the website ubereats-lp.com has a low trust score of 41 out of 100, indicating that it may be a scam. The analysis notes, “The trust score of ubereats-lp.com is rather low. ubereats-lp.com may be a scam.” The score is derived from over 40 data points, including third-party reviews, the hosting party, the website’s location, and reports of selling fake products. Although no user reviews have been left for ubereats-lp.com on ScamAdviser, the absence of reviews can be suspicious for a website claiming to be associated with a major brand like Uber Eats.

ScamAdviser highlights several positive and negative aspects of the website. On the positive side, it has a valid SSL certificate, and DNSFilter labels the site safe. However, significant negative points include the hidden identity of the website owner on WHOIS, a very low Tranco rank indicating minimal traffic, and the fact that the website is not optimized for search engines. The young age of the site is also noted as a red flag: “This website was set up recently. As a result, we advise you to really take the time to check this site out before you interact with it.”

ScamAdviser further explains the implications of a newly set-up website: “Scam sites are often very young. They are removed from the web after a couple of months as too many consumers leave negative reviews and social media comments. Until that time, they will try to scam you.” The lack of search engine optimization is particularly suspicious as it suggests the website may not want to be easily found by authorities or brand protection agencies.

Bottom Line

In conclusion, the evidence strongly suggests that ubereats-lp.com is a sophisticated scam designed to exploit the trust associated with the Uber Eats brand.