
Footy lovers hit in Wembley playoff card snatch scam

Man on - in the middle, claims club


Provider Ticket Zone is continuing a joint investigation with Brentford Football Club after it emerged that card details used to buy tickets for the League One playoff final last weekend were subsequently used for fraudulent purchases.

Yeovil beat Brentford 2-1 to reach The Championship on Sunday, piling on further misery for many Bees' supporters who had been stung by the fraudulent purchases. Fan Derek Abbey first heard of the apparent scam on a Bees' forum before discovering £380 in fraudulent Oyster Card payments had been deducted from his account, the BBC reports.

Reg reader Faisal told us he was also hit.

"It appears that fraudsters were able to access my online banking account and I don’t think it was my PC that was compromised," he said.

These cases were far from isolated, prompting Brentford and Ticket Zone to launch a joint investigation. Initial forensic work points to a “man in the middle” attack rather than a problem on Ticket Zone's systems or something linked to malware on consumers' PCs, the latest statement on the investigation explains.

Brentford Football Club is continuing its investigation to find out why some card details of those using Ticket Zone to purchase tickets for the npower League One Play-Off Final were compromised.

The Club learned last week that some cardholder data from those buying tickets for the match online had been used fraudulently.

An investigation was immediately launched and initial forensic work pointed to a “man in the middle” attack.

An independent investigation of Ticket Zone’s systems and those of the specialist online queuing company, Queue-it, is now underway and the Police Active Fraud Department have been informed about the security incident and are also investigating.

An investigation as serious as this will not, unfortunately, be resolved quickly.

Brentford FC acknowledged a "great deal of inconvenience has been caused to supporters" and promised it "will not rest until the full details of what has happened have been made public". It encouraged fans to report problems to Ticket Zone, the official club online sales ticketing partner.

An earlier statement, issued shortly after complaints began and the investigation was launched last week, states that Ticket Zone does not store customer card data.

Ticket Zone does not store customer card data at any point and all information is stored in a secure token system that is approved and provided by its banking partner.

Further examinations have also been undertaken in conjunction with the Danish IT company, Queue-it, who provided the front-end queuing system ahead of the Ticket Zone site.

Once again, all systems are shown as clean.

However, following an investigation, it has been noted that a small number of attempts to access the site from unknown web destinations have arrived through unauthorised links shared via social media sites.

Ticket Zone has commissioned forensic specialists to assist their own technical teams with the on-going investigations.

All investigations point towards a MITM “man in the middle” attack intercepting internet traffic prior to landing on the queuing site.

An attack like this would allow a fraudulent third party to record key strokes as they are being made on the customer’s own browser.

When this occurs, neither the customer nor Ticket Zone is aware that fraudulent data capture is taking place behind the scenes.

The crime has been reported to the Police via Active Fraud UK and they are now investigating this on Ticket Zone’s behalf.

Supporters of Bradford City buying tickets through Ticket Zone for the League Two play-off final may also have been hit by fraud, according to local reports in Yorkshire. The pattern of fraud seems to be much the same as in the Brentford case, with one Bradford fan getting hit with a £900 fraudulent PayPal charge and another getting stung for £50 in scam mobile phone top-up charges. The fraud involving Bradford City fans has also become the subject of a police investigation, the Bradford Telegraph & Argus reports.

Bradford City FC, which gained promotion to League One in a League Two play-off final at Wembley last Saturday, is yet to comment on the matter.

Ticket Zone is yet to respond to our request to comment on the matter. We'll update this story as and when we hear more. ®
