In late January this year, eager fans purchased tickets for Coachella, an annual two-weekend, three-day music festival but were later targeted by scammers in a phishing campaign that persisted up till the end of February.
Front Gate Tickets, the company responsible for handling the festival’s ticketing had sent an email to ticket buyers at the end of February warning users on the phishing campaign stating:
“The phishing involved a fraudulent website designed to look like the login page for Coachella ticket buyers to access their Front Gate accounts, built in an attempt to capture username and password information.”
The email went on to explain that the phishing links were circulated on message boards and email campaigns, and that the perpetrators had harvested the email addresses of ticket buyers who posted them publicly on message boards.
The timing of this campaign happened right before the wristbands used for entry into Coachella were shipped out to attendees. Based on this, it’s clear that the perpetrators of the campaigns had intended to access accounts of ticket buyers to modify the mailing address, phone number and email on file in order to have the wristbands shipped to them. One user on the Coachella message board confirmed this to be the case:
“I was able to get my information put back on the account yet they changed the address, phone and email on file. Glad I double checked and didn't lose my tickets!”
This incident is an important lesson for the modern music fan. In just two years, scammers have gone from merely creating fake Facebook pages offering tickets to Coachella to directly targeting attendees with phishing emails to steal their wristbands.
Coachella is not the only music festival happening this year. In the coming months, festivals like Sasquatch, Bonnaroo, Outside Lands, Lollapalooza and others will be taking place throughout the United States and even more festivals happening in other parts of the world.
Symantec Security Response encourages festival attendees to not share their email addresses on message board threads. If sharing is necessary, use the board’s built-in private messaging function.
If you’re a ticket buyer and you receive an email with a link asking you to log in to find out more information about your upcoming event, do not click on it blindly. Instead, open up a new browser or tab to visit the official website to log in. If the email seems suspicious, find a contact number or email address on the ticket distributor’s or music festival’s website and seek their assistance instead.