The price of a bot claimed to have been developed for buying Oasis reunion tickets started at only $11
With the number of affordable ticket bots continuously growing, consumers will eventually be unable to purchase tickets without using automated solutions, cybersecurity experts warn. Additionally, ticket seekers are already exposing themselves to cybersecurity and privacy threats by buying these bots.
A recent example of an Oasis reunion ticket distribution campaign clearly showed the advantage ticket bots had over customers. By using bots, people are able to quickly bypass website queues and purchase tickets faster than human users. Meanwhile, NordVPN research shows that the price of a ticket bot claimed to have been developed for buying Oasis reunion tickets started at only $11 on the general sale date.
“The terms and conditions of ticket platforms say that users cannot employ bots to buy tickets, but implementation and legal liability are questionable. Hospitality agencies widely use ticketing bots to snag premium seats to include in their package deals. Ticket resellers buy many tickets to profit from consumers who are left without tickets. At some point, there won’t be any other way to get a ticket apart from using a bot,” says Adrianus Warmenhoven, a cybersecurity advisor at NordVPN.
Ticket demand is largely the cause of the bots
Ticket-selling platforms are already taking action to tackle the problem. Techniques like virtual waiting rooms and “Verified fan” labels are used to filter real people from bots. Still, the ability to recognize the difference between humans and machines remains problematic and is becoming more difficult as AI can better simulate a person. So, given the low chance of legal action and financial incentives, criminals can spend more time and money innovating bots than platforms can spend time and money defending against them.
The price of a bot depends on the difficulty of making it successful and how many people want it. A custom ticket bot could cost from $11 to $430 on certain platforms. Depending on the demand for tickets to a concrete event and the length of a tour, bot developers can earn hundreds of thousands of pounds.
“Customers and their growing demand are largely the cause of the bots. The only way to fight the bots market is to not buy tickets from anywhere but the original site because it’s not always easy to tell which tickets on resale websites rely on scalping practices,” Warmenhowen says.
Why it is dangerous to purchase ticket bots
While it is possible to buy bots even at low prices, users can never be sure that the bot they paid for will perform well and achieve their desired result. Even if the bot does purchase tickets, there’s a risk that the tickets may not be valid. Scalpers sometimes sell duplicate or fraudulent tickets, leading to buyers being denied entry to the event.
Moreover, bots downloaded from untrusted sources can contain malware or ransomware. Infected bots serve cybercriminals by stealing user data, credentials, and biometric information or even blocking access to a user’s device until a sum of money is paid.
NordVPN’s research reveals that at least five million people have had their personal information stolen and sold on so-called bot markets. Of the affected users, 16 thousand are Canadians. In addition, researchers found 667 million cookies, 81 thousand digital fingerprints, 538 thousand auto-fill forms, numerous device screenshots, and webcam snaps. The average price for a person’s digital identity is less than $9.
Additionally, ticket bots require users to enter credit card credentials, otherwise, they will not be able to purchase a ticket. By collecting payment card information, a ticket bot could buy more than one ticket using the customers’ financial data or simply steal credit card information to exploit other financial crimes.