While cybercriminals are offering free tickets to Taylor Swift Eras Tour and other events, Ticketmaster is telling would-be purchasers that these tickets will prove to be worthless.
Those who have claimed responsibility for the Ticketmaster data breach say they’ve stolen 440,000 tickets for Taylor Swift’s Eras Tour, and as proof have leaked 170k ticket barcodes. However, those barcodes are long gone, as a Ticketmaster spokesperson said:
“Ticketmaster’s SafeTix technology protects tickets by automatically refreshing a new and unique barcode every few seconds so it cannot be stolen or copied.”
The rotating barcodes that change every few seconds is a core feature that protects against “scalpers” who buy tickets from licensed sellers and then resell them at—often—huge profits. You could compare this to the “rolling code” method that most car manufacturers use to prevent car thieves from using a Flipper-Zero to steal your car. You can record and retransmit the code sent by a key fob but that exact same code will no longer work.
From past experience we can say that scalpers are usually one step ahead of the ticket platforms.
Only yesterday, the tech journalists at 404 Media reported about a lawsuit filed in California by concert giant AXS which gives readers some insight into an ongoing legal and technological battle between ticket scalpers and platforms like Ticketmaster and AXS.
404 explains that by reverse engineering the process that ticket platforms use, scalpers can generate valid tickets which they can then sell through their own platforms.
In the lawsuit, AXS says that scalpers are selling counterfeit tickets to unsuspecting customers. However, from the buyer’s standpoint—exaggerated price aside—if you paid for them and they get you in the venue, what’s the difference?
But the point is, the struggle between ticket platforms and scalpers is an arms race in which each side keeps coming up with new methods, and there is now way for the average customer to tell who is currently ahead. So buying these tickets poses a risk of losing your money.
The Ticketmaster spokesperson said:
“This is just one of many fraud protections we implement to keep tickets safe and secure.”
Unfortunately, the customer and card details of one million Ticketmaster users were not that safe and secure: The cybercriminals released that data when Ticketmaster refused to pay the ransom for the allegedly 560 million Live Nation/Ticketmaster users they managed to steal.
Either way. Be careful when buying tickets and when receiving emails about free concert tickets. They could turn out to be costly.
Malwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it’s best to give the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report and recommendations.
We don’t just report on threats – we help safeguard your entire digital identity
Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.
