17/05/2013

Football enthusiasm can turn into fan frustration


Scam 1: Sale of non-existing tickets

With just under 90,000 tickets available, the number of tickets is incredibly small considering the number of ticket requests the two German finalists alone received when they reached the final (BVB: 502,567; FCB: more than 250,000). Auction portals and classified markets quickly filled with offers of tickets. However, there are most likely many offers created only to cash in without offering any (real) tickets for sale.

At this point, you should note that there are already many negative reports about the shipping and insurance options offered for private auctions: The insurance for packages only covers the actual value of the goods, not the auction price paid, according to a guide. However, the popular tickets to the final (whether or not they actually exist) often sell for many times their face value. So if the package is lost, the buyer is compensated for the actual value at most. Registered mail may only be used for shipping tickets with a maximum actual value of €25.

Hint: 

When using auction portals, always check the seller's rating. Has he/she only just registered? How good are his/her ratings? Can you contact the seller in person, or even pick up the goods? Can you verify the address information? Even though the popular game is only a few days away, you should not lose sight of the facts in the heat of the moment!

That aside, the tickets are personalised and you might be refused entry to the stadium if you buy a ticket from an unofficial source (see scam 6).

Scam 2: Final? Yes! But the women's final!

There have been several reports about willing customers and fans being sold tickets to the Champions League final in Wembley via various portals. In some of these cases, however, the tickets are not tickets to the popular men's final but the women's final, which is also held in London's Wembley Stadium on May 23.

A story about a Facebook user called Andre, who was sold tickets to the "wrong" final according to a screenshot, is currently entertaining the online community. 

Hint: 

Always read the descriptions of offers very closely! You should also be careful if offers sound too good to be true. On various portals, tickets to the men's final are sold for amounts exceeding ten thousand euros – hence you should take a very close look at relatively cheap tickets. Of course, it is also possible for tickets to the women's final to fetch high prices ... intentionally or unintentionally.

Scam 3: Tickets will be sent as soon as possible ... after the match

The experts at G Data Security Labs discovered a particularly mean scam on a large German auction platform: The provider, who only had a single rating, listed tickets to the men's final with an item description that appeared to be quite trustworthy. However, a very important sentence was added at the end of the long description! Translated, it reads “The tickets will be shipped one day after the match and are meant to be memorabilia only.”

The offer was withdrawn very quickly so the seller did not receive any money. However, it is possible for a similar offer to be completed successfully. 

Hint:

In this case, you should also read the descriptions of offers very closely!

Scam 4: Unofficial raffles as data leeches

UEFA expressly prohibits the use of tickets for “commercial purposes like promotions, advertising, as a prize for a competition or raffle or as part of a package (for example, a combination of plane, hotel and entry tickets)” except by official UEFA Champions League sponsors.

In addition to competitions on various websites, competitions advertised on Facebook are also very popular. Even if the sellers own legitimate tickets, the UEFA guidelines prohibit these competitions and, in addition, the operators of these Facebook pages use their terms and conditions to gain access to the user data as well as the "Likes". For more information on gaining Facebook "Likes", see our G Data SecurityBlog article "Primed browser extension delivers unwanted Facebook likes".

Hint:

Avoid entering your personal data when non-sponsors offer competitions. Data collectors can use this data to send you personalised messages tailored to your interest in football (spam, advertising) at a later stage.

Scam 5: Offers of London trips and final events as bait

Spammers naturally want to benefit from this major event as well: Inboxes are not just filled with ticket offers but also numerous offers of trips to the final or supposed exclusive events. It is often hard to tell how genuine these offers are because little-known companies and event management agencies often use mass mailings to get potential customers interested in their products.

 

Hint:

If you want to book trips or events related to the final, approach a trustworthy local provider, a branch of one of the two finalists or UEFA itself. Research the providers thoroughly and do not prematurely transfer money for services to unknown accounts.

As always: You should not click on links or file attachments in emails and social networks without pausing to think first. The files or website could be infected with malicious code.

Scam 6: Tickets sold on site, at the stadium

The official UEFA tickets to the final are personalised and therefore not approved for on-selling. The ticket itself does not show the name of the applicant or the guest, hence it is likely that this personal data is included in the bar code printed on the ticket. UEFA confirms that the data is always personalised. When you enter the stadium, security personnel on site can read this printed data and demand to see the identification used to reserve/book the ticket.

Copies of tickets are often offered at the site of the action or in the city. Fraudsters try to imitate original tickets by using expensive looking paper and more or less sophisticated printing technologies. However, modern entry tickets have visible as well as textural security features like holograms, textural structures and certain inks that are not easy to counterfeit.

Hint:

If you travel to the match without a ticket, do not believe street vendors on site when they tell you that you have nothing to worry about if you buy tickets and that the tickets are not personalised because no explicit name is printed on them!


**** UPDATE, 22/05/2013, 11:30 CET ****

There is another example, besides the scam possibilities on auction platforms we have already presented: The G Data SecurityLabs experts have received information about a person who not only offers numerous Champions League final tickets across various listings (see screenshot below), which is very unlikely in itself, but also uses hacked eBay accounts to increase the offers’ credibility!

To all appearances, the scammer has hacked eBay accounts and misuses their reputation to perform the ticket sale. G Data has learned about at least four different examples, which were apparently initiated by the same individual:

The screenshot indicates that the original eBay account holder has many good ratings and that his original field of business is the sale of postcards.
Something that is not visible in the screenshot, but traceable in the page’s source code: The relevant parts of the product description are not typed but inserted as a graphic from an external source. Therefore, the information given in the description cannot be found using search functions, which gives the scammer more time to sell his dubious tickets.
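The observation above can be turned into a simple listing check. The following sketch is an added example, not G Data's or the auction platform's own code; the function names, the 80-character threshold and the `.example` hosts are assumptions, and the sample descriptions are constructed:

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class DescriptionScan(HTMLParser):
    """Collect visible text and image hosts from a listing description."""

    def __init__(self):
        super().__init__()
        self.text, self.image_hosts = [], []
        self._skip = 0  # nesting depth inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1
        elif tag == "img":
            src = dict(attrs).get("src") or ""
            self.image_hosts.append(urlparse(src).hostname or "")

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.text.append(data)


def image_only_description(html, platform_suffixes, min_chars=80):
    """Flag descriptions whose content is an off-platform image with little text."""
    scan = DescriptionScan()
    scan.feed(html)
    visible = " ".join(" ".join(scan.text).split())
    external = [h for h in scan.image_hosts if h and not any(
        h == s or h.endswith("." + s) for s in platform_suffixes)]
    return {"visible_chars": len(visible), "external_image_hosts": external,
            "suspicious": bool(external) and len(visible) < min_chars}


# Constructed sample descriptions (not taken from the real listings).
PLATFORM = ("marketplace.example",)  # hypothetical platform image domain
IMAGE_ONLY = '<div><img src="http://img-host.example/offer.png"></div><p>See picture</p>'
NORMAL = ('<p>Two vintage postcards from 1950, good condition, shipped in a '
          'padded envelope within two working days after payment.</p>'
          '<img src="https://img.marketplace.example/p/1.jpg">')

if __name__ == "__main__":
    print(image_only_description(IMAGE_ONLY, PLATFORM))
    print(image_only_description(NORMAL, PLATFORM))
```

A hit is only a reason for manual review: many honest sellers also embed externally hosted images, so the signal is most useful combined with a sudden change in an account's field of business.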

An attentive user on the hunt for tickets (Dennis) found one of the offers described and immediately regarded it with suspicion. He contacted the seller (Alexander) via the email address given in the article description picture to collect more information about the offer, and he started a conversation with the seller. A brief search on the email address revealed that it had already been used in earlier sales fraud cases.

Below is part of the email conversation in chronological order:


The email suggests, or rather promises, that the transaction is going to be carried out via eBay, which grants the seller and the buyer specific rights and duties, regulated by the use of the platform. After another few emails, Dennis received an email which, at first sight, looks like an original eBay email. In fact, it is a well-made imitation that tries to fool the buyer into believing the transaction is carried out via eBay. Here are some hints to identify the scam:

  • The sender’s address should arouse suspicion: The domain check-purchase.com is in no way connected to the popular auction portal and is not even registered at the moment.
  • Normally, the use of the buyer’s eBay account name and real name is an indication of authenticity. But in this case, Alexander did not know Dennis’ eBay name until he asked for it in one of his mails and then included the name. If the transaction had really been initiated via eBay, the buyer’s name would have been known, as well as the other contact data.
  • Furthermore, the conclusion of the contract would have been initiated by the buyer, not by the seller.
  • The fake email also includes the complete bank account details Dennis should use to wire the money. Obviously, he did not do so; instead he contacted the original eBay account holder and informed him about the fraud.
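Two of these hints, the sender domain and the bank details in the message body, can be checked mechanically. The sketch below is an added example and not part of the original article; the list of platform domains, the local part of the sender address, the function name and the sample messages (including the placeholder IBAN) are constructed assumptions, while check-purchase.com is the domain named above:

```python
import re
from email import message_from_string
from email.utils import parseaddr

PLATFORM_DOMAINS = ("ebay.com", "ebay.de")  # assumption: extend per marketplace
# Loose IBAN shape: country code, check digits, then grouped alphanumerics.
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]{4}){2,7}(?: ?[A-Z0-9]{1,3})?\b")


def check_notification(raw, brand="ebay"):
    """Return (sender_domain, findings) for a purported platform notification."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    on_platform = any(domain == d or domain.endswith("." + d)
                      for d in PLATFORM_DOMAINS)
    body = ""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            body += (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
    findings = []
    claims_brand = brand in (display + " " + msg.get("Subject", "")).lower()
    if claims_brand and not on_platform:
        findings.append("brand-name-on-foreign-domain")
    if IBAN_RE.search(body):
        findings.append("bank-details-in-mail")
    return domain, findings


# Constructed sample messages; the IBAN is a placeholder, not a real account.
FAKE = ('From: "eBay" <purchase@check-purchase.com>\n'
        "Subject: eBay purchase confirmation\n\n"
        "Please wire the amount to DE00 0000 0000 0000 0000 00 today.\n")
GENUINE = ('From: "eBay" <ebay@ebay.de>\n'
           "Subject: You won the item\n\n"
           "Complete checkout in your account on the site.\n")

if __name__ == "__main__":
    print(check_notification(FAKE))
    print(check_notification(GENUINE))
```

The From header can itself be forged, so a matching domain proves nothing on its own; a non-matching one, as in this case, is already sufficient reason to stop.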

All Champions League ticket fraud examples just described were pulled from the auction platform – but it cannot be ruled out that similar scams pop up again… just before the big event!

Hint:

As mentioned before: Always read the descriptions of offers very closely! Always check the seller carefully! Conclude contracts using the respective portal’s functions only, because this is the only way to benefit from buyer’s rights.
You should become suspicious if one person sells many Champions League final tickets – every official ticket ballot allowed requests for only two tickets per person.