A 35-year-old man has been sentenced to seven months in jail after taking part in a delivery fraud scheme that exploited a loophole in Grab's courier system. The case is another reminder that even digital platforms built around automation and app-based workflows can still be vulnerable when internal controls are not tight enough.
The man, Dzulqarnain Muhamad, was part of a group of Grab drivers linked to thousands of fraudulent transactions that ended up costing the company more than $58,000. His own role in the scheme involved losses of over $13,500, with more than $11,700 tied directly to the charges he pleaded guilty to.
How the Scheme Worked
The fraud centered on Grab's courier service, GrabExpress.
Under normal circumstances, a driver who accepts a delivery job is expected to collect the parcel and send it to the intended destination. If the delivery cannot be completed, the driver is supposed to return the item to the sender and update the app accordingly. In such cases, the job is canceled, but the driver may still receive payment for the attempted delivery.
According to court proceedings, the drivers involved in this scheme found a way to abuse that process. They would accept GrabExpress bookings and almost immediately mark the parcel as returned in the app, even though they had never made any real attempt to collect the item in the first place.
That allowed them to trigger payouts for jobs that were effectively fake from the start.
A Loophole That Was Repeatedly Exploited
What makes the case especially striking is the scale.
Investigators found a total of 5,540 fraudulent transactions linked to 24 Grab driver accounts that were operated by five drivers. In Dzulqarnain's case alone, he is said to have exploited the loophole more than 930 times over just two months, in June and July 2025.
This was not an isolated act or a one-off abuse. It was a repeated and deliberate manipulation of the system, carried out over time and apparently in a way that relied on the platform not detecting the unusual pattern quickly enough.
Use of Multiple Driver Accounts Added Another Layer
The fraud did not rely only on one loophole.
Court documents revealed that the drivers also operated multiple Grab accounts registered under other people's names, while using their own profile photos. Prosecutors said this worked in part because Grab did not cross-check profile photos closely enough across accounts.
In Dzulqarnain's case, he reportedly learned about the loophole from another driver in the group. He then used accounts belonging to two other drivers to carry out the fraudulent transactions. Part of the method involved changing profile pictures and using facial recognition access in a way that allowed him to continue operating those accounts.
Once the fraudulent payouts were credited into Grab wallets, the money was later transferred into his own bank account. He also reportedly passed along undisclosed sums to the other account holders.
Court Outcome and What Happens Next
On March 27, Dzulqarnain was sentenced to seven months in jail after pleading guilty to two cheating charges. A third charge was taken into consideration during sentencing. He has not made any restitution.
The cases involving three others linked to the broader scheme are still pending. Court records also mentioned a fifth driver involved in the operation, though that person was not charged at the time referenced in the case details.
Dzulqarnain himself was arrested on Aug 8, 2025, after internal checks by Grab uncovered the suspicious transactions.
Why This Case Matters
Beyond the criminal aspect, this case highlights a wider issue for platform-based services.
Gig economy systems are built for speed and scale. That makes them efficient, but it can also leave room for abuse when checks are too heavily automated or when verification measures are not strong enough. A process designed to compensate drivers for failed delivery attempts became, in this case, the very mechanism used to generate false payouts.
It also shows how small weaknesses can become expensive when repeated at scale. One fraudulent job might not seem major on its own, but thousands of them quickly become a serious financial and operational problem.
Final Thoughts
This case is not just about one driver going to jail. It is also about how digital service platforms must constantly tighten their systems as users find new ways to manipulate them.
For Grab, the losses were financial. But cases like this can also damage trust in the platform, especially when customers and senders expect the system to reflect real delivery activity. For the wider industry, it serves as a warning that loopholes in app-based services rarely stay small for long once they are discovered.
In the end, the story is a simple one: a weak point in the system was exploited repeatedly, and the consequences eventually caught up with those involved.
Comments