The digital threat is so great that fans looking to get tickets to Tomorrowland, one of the world’s most popular electronic dance music festivals, fear a fraud in the name of security.
Cybersecurity experts say fake ticketing websites have been found that not only make money but also collect sensitive biometric information facial scans, selfies, government-issued identity documents.
What is the scam
The fraud is in websites that closely resemble Tomorrowland’s official ticket booking platform. The fake portals look real they have the festival’s branding, logos, and colours and ticket booking interface. It’s to convince visitors that they’re buying real festival passes.
Once buyers have purchased a ticket, they will be asked to go through biometric identity verification before booking can be confirmed. They will need to upload a passport or driver’s licence, take a selfie on the spot, or take a short video for facial recognition.
The verification sounds real, but instead of the ticket purchase being verified, the information is collected by cybercriminals.
What exactly is targeting fans
The scam is particularly targeting those who missed the official ticket sale and are looking for resale options online. Fraudsters promote fake ticket offers on social media; send phishing emails; set up chat apps; and even create unofficial resale groups. Some fake websites appear in sponsored search engines so they’ve got credibility.
To instill urgency in the buyer, the scammers often advertise “limited-time offers,” “last available tickets,” or “exclusive discounts.” They force the consumer to make a quick decision on which one to purchase and do so before checking the website to make sure it’s real.
Why are scammers collecting biometric data
Biometric information is also very valuable for cybersecurity as biometric information is increasingly being used in identity verification by banks, financial institutions, cryptocurrency platforms and government services. Biometric information cannot be reset if compromised like passwords.
Stolen facial images and identity documents can be used for identity theft, to open fake accounts, to bypass digital verification systems, or to carry out financial fraud. The data can be used to create fake digital identities or sophisticated deepfake content with artificial intelligence as well.
Where is the scam spreading
So the fraud isn’t limited to one country. Tomorrowland attracts visitors from more than 200 countries and hackers are targeting fans worldwide through online sites. People who seek tickets outside of the official sales channels could be next.
How can buyers be protected
The experts recommend buying tickets only through Tomorrowland’s official site or the resale platform they authorised to buy tickets from. Before entering personal or financial information, the website address should be thoroughly assessed and you should not click on links from any emails (even though it is on the web) or social media or messaging apps.
Those who have already submitted biometric data or payment details on a suspicious website should immediately contact their bank, pass this information on to local cybercrime authorities and monitor their accounts for signs of identity theft. Multi-factor authentication on important accounts, too, can reduce the risk of unauthorised access.
Knowing is the best defense to online fraud, they say. A few extra minutes to verify a ticket seller could prevent financial and identity-related damage over time.