Four indicted for $25M online ticket fraud scheme
Wiseguy Tickets allegedly hacks its way to Springsteen, Rose Bowl, Broadway tickets
Computerworld - Four men have been indicted for illegally buying and reselling tickets to major concerts, a Rose Bowl game and tapings of the television show Dancing with the Stars.
The 43-count indictment, which was handed down by a federal grand jury in Newark, N.J., on Feb. 23 and unsealed today, alleges that the men hauled in $25 million in the scheme that had them fraudulently buying and reselling more than 1.5 million tickets to highly coveted shows, including Bruce Springsteen and Kenny Chesney concerts, along with some 2007 Major League Baseball playoff games and Broadway productions of Wicked and The Producers.
The indictment charges Kenneth Lowson, 40, Kristofer Kirsch, 37, and Faisal Nahdi, 36, all of Los Angeles, as well as Joel Stevenson, 37, of Alameda, Calif., with conspiracy to commit wire fraud and to gain unauthorized access to computer systems. The indictment also includes 42 additional counts of wire fraud, gaining unauthorized access to computer systems, and causing damage to computers in interstate commerce.
All four men worked for Wiseguy Ticket Inc. and allegedly targeted online ticket sellers like Ticketmaster, Tickets.com, MLB.com and MusicToday.
"At a time when the Internet has brought convenience and fairness to the ticket marketplace, these defendants gamed the system with a sophisticated fraud operation that generated over $25 million in illicit profits," said U.S. Attorney Paul J. Fishman. "Today's indictment represents a significant step forward in the fight against those who use fraud to disrupt e-commerce and evade computer security."
Lowson, Kirsch and Stevenson surrendered this morning at FBI headquarters in Newark, N.J. Nahdi, according to the U.S. attorney's office, is not in the U.S. but is expected to surrender to authorities in the coming weeks.
According to the indictment, the four defendants profited by creating computer programs that could get around online ticket vendors' security defenses.
In an attempt to ensure fair access to tickets, online vendors such as Ticketmaster limit the number of tickets that an individual or a company can buy at one time. To enforce this limit, vendors set up software to detect and prevent automated systems from scooping up bundles of tickets in one fell swoop.
The government alleges that Wiseguy Tickets worked with computer programmers in Bulgaria to build a network of computers that could pretend to be individual buyers. This enabled Wiseguy Tickets to flood ticket vendors' networks at the moment that tickets went on sale.
The indictment also alleges that the defendants created and managed hundreds of fake Internet domains and thousands of e-mail addresses to disguise their scheme.
The government noted that for a single July 2008 concert featuring Bruce Springsteen and the E Street Band at Giants Stadium in New Jersey, Wiseguy Tickets was able to buy and resell nearly half of the 440 general admission floor tickets that went on sale to the public. That means they controlled about half of the seats that were closest to the stage and the most expensive.
Once Wiseguys held the tickets, they allegedly resold the tickets to other ticket brokers, who then sold the tickets to the general public at significantly higher prices, according to the indictment.
"The public thought it had a fair shot at getting tickets to these events, but what the public didn't know was that the defendants had cheated them out of that opportunity," Fishman said.
All of the defendants are expected to be arraigned within weeks. The case is being led by Assistant U.S. Attorney Erez Liebermann.
Sharon Gaudin covers the Internet and Web 2.0, emerging technologies, and desktop and laptop chips for Computerworld. Follow Sharon on Twitter at @sgaudin or subscribe to Sharon's RSS feed . Her e-mail address is firstname.lastname@example.org.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts