Don’t Get Scammed During the Hypest Moment in History

by Daniel Smith on February 25, 2020

This year’s Summer Olympics in Tokyo may arguably be one of the hypest and most technologically advanced sporting events in history. Unfortunately, many people will not be able to attend in person, and will instead watch surfing or skateboarding make their debut appearance at the Olympics while high-fiving Human Support Robots.

With an estimated 7.8 million tickets for sale, the Olympics will draw massive crowds but will also bring major heartbreak and risk for spectators around the world who are hoping to experience the games in person. To make matters worse, of the projected 7.8 million available tickets, it’s estimated that only 30% will be reserved for international sale…and I have bad news for you. Most of those tickets are already sold out.

An Opportunistic Landscape

Only residents of Japan can purchase tickets directly from the Official Tokyo 2020 ticketing website. Those of us who live outside of Japan must purchase tickets from an Authorized Ticket Reseller. For example, CoSport is the authorized ticket reseller for residents of the United States. But due to high demand, Authorized Ticket Resellers have been selling out almost immediately around the world. Even athletes will likely have a hard time acquiring extra tickets for their friends and family.

This extreme demand, coupled with a limited availability of tickets, has created an opportunistic landscape for cyber criminals and a serious risk for spectators who have missed out on the opportunities to obtain Olympic tickets from official retailers.

Sponsorships Available

The threat is so real that Japan has passed legislation making ticket scalping illegal. The first lottery drawing even happened after the law went into effect. Those caught scalping Olympic tickets in Japan have no excuse and could be placed in jail or fined.

Stressing Application Resources

The high demand for tickets has also put a stress on networks and application resources dedicated to the ticket distribution process. Ticketing websites over the last year have faced a number of problems during lottery signups, lottery drawings and standard ticket sales, due to the large flood of traffic from hopeful spectators.

For example, signups for the first round of Japan’s domestic lottery opened up on May 9^th and ran until May 28, 2019. This process was severally impacted within the first hour, due to a flood of hundreds of thousands of users trying to enter the lottery for a chance to purchase a ticket. This traffic persisted throughout the month and it was reported that the official ticketing website saw 24.25 million requests during May 2019.

The most impressive part about the demand in the first round was that 7.5 million residents of japan signed up for the lottery with their Olympic ID. To put this in perspective, there are only 7.8 million tickets available for the Summer Olympics, in total!

While Olympic organizers and authorities have done everything they can to prevent ticket fraud, profiteers have been able to find ways to bypass Japan’s Olympic ticketing system.

In an interview posted in Japan Today, Mr Z, a ticket scalper, detailed how he bypassed Japan’s lottery restrictions for profit. Mr Z leveraged a network of 400 Chinese residents in Japan who work as line standers. For those unfamiliar with this line of work, line standers are used to physically or digitally stand in line for a buyer. Typically, they are used for popular concert tickets or limited release clothing items. Mr Z’s group of 400 human bots were able to register and obtain 80 tickets for resell during the first round on Japan’s lottery.

The problem isn’t just a simple (yet effective) bypass of incentivizing Chinese residents living in Japan to register for the lottery, strictly for the purpose of reselling their tickets. The problem also includes e-commerce bots designed to automate the process of purchasing an item or creating an account.

Last year, Olympic organizers discovered that 6,900 tickets were purchased in the first round of the domestic lottery with fraudulently created Olympic IDs. The organizers revealed that around 30,000 official Olympic IDs were created by a scalping group in an attempt to game the domestic lottery. All tickets purchased by the criminal group were cancelled without a refund.

Beware Cyber Criminals

With the Olympics fast approaching, one thing is for certain: cyber criminals will be looking to profit by targeting unsuspecting spectators who missed out on purchasing official tickets with lures containing ticket offers, travel packages and other giveaways.

For example, an Olympic secondary ticket marketplace, OlympicTickets2020.com, was recently compromised by a Magecart infection. Magecart is a criminal group that digitally skims credit card information from online payment forms by injecting malicious JavaScript into their targeted website.

Users who visit secondary ticket marketplaces looking for a last hope ticket can expect to be targeted by everything from fraudulent resellers to organized criminal groups looking to skim payment and personal information from your legitimate purchase.

If you are planning on attending the 2020 Summer Olympics in Japan and still have not purchased an official ticket from an authorized reseller, exercise caution while searching for tickets or packages in the secondary marketplace.

Because of the hype and high demand associated with the 2020 Summer Olympics in Tokyo, criminals will be looking to scam and profit off of those desperately searching for coveted Olympics tickets in the resell market. Criminals will be looking to leverage phishing attacks with Olympic-related lures to target their victims. Remember to legit check emails, and digital offers for tickets! Odds are, the offer is suspect and malicious in nature.