Australian food delivery drivers are losing significant earnings to a sophisticated phishing scam targeting gig-economy workers across the country [1, 2].

This trend highlights the acute financial vulnerability of independent contractors who lack the institutional protections of traditional employment. Because these workers rely on digital platforms for their primary income, a single security breach can result in the immediate loss of their entire weekly take-home pay.

The Transport Workers Union (TWU) issued a warning after reports surfaced that drivers were being tricked into handing over their earnings [1, 2]. The scam specifically targets those operating in the delivery sector, with a particular focus on workers in Queensland [1, 2].

According to reports, drivers have collectively lost tens of thousands of Australian dollars to the scheme [2]. The scammers use phishing techniques to deceive drivers into revealing sensitive account information or authorizing fraudulent transfers of their hard-earned cash [1, 2].

The TWU said that the nature of gig work makes these individuals attractive targets. Many drivers operate as sole traders without corporate IT support or dedicated security protocols to protect their digital wallets, a gap that scammers are now exploiting on a large scale [1, 2].

Authorities and union representatives are urging drivers to remain vigilant against unsolicited messages asking for account verification or payment details. The union said it continues to monitor the situation as more drivers report losses across various Australian states [1, 2].

Drivers have collectively lost tens of thousands of Australian dollars to the scam

This surge in targeted phishing underscores a growing security gap in the gig economy, where the shift toward digital-only payments outpaces the implementation of worker protections. As platforms move toward automated payment systems, the burden of cybersecurity falls entirely on the individual contractor, creating a systemic risk where financial instability can be triggered by a single fraudulent link.