Fraud in ticketing has evolved far beyond stolen credit cards. Today’s threats include resellers, bots, synthetic identities and coordinated fraud networks that are impacting venues, artists and fans alike. What was once a nuisance has become an organized, fast-moving industry. At a recent “INTIX on the Road” education session hosted at AudienceView’s Toronto headquarters in partnership with the Ontario Professional Ticketing Association, “Mr. X” revealed how these modern attacks operate — and how venues can push back with layered defenses and stronger cross-team collaboration.
Here are some key takeaways from the session.
No. 1: Fraud is industrialized and harder to detect.
Mr. X framed today’s “fraud funnel” in blunt terms. It starts with data breaches and shady e-commerce sites that collect credit card data. From there, bots run $1 card tests on donation and gift card pages, prime targets with no inventory limits. Validated credit cards are then moved to open marketplaces, where criminals buy a complete profile, including name, address, email, expiry date and CVV, for the price of a lunch. Fraud-as-a-Service has lowered the bar even further, as everything a fraudster needs is available for anonymous purchase using crypto.
You may be wondering why detection is so hard. It is because the bad actors work hard to look normal. Mr. X showed examples where “gibberish” emails belonged to small, long-standing resellers who never filed chargebacks, while perfectly matched names, locations and device histories were 100% stolen cards. The clues that once helped identify fraud can now be deliberately misleading.
The numbers are staggering. According to Mr. X, nearly every organization — 98% worldwide — has encountered fraud in the past year. Losses are projected to reach US$34 billion in 2025 and exceed US$400 billion over the next decade. Even a slight dip in observed order fraud rates, from 3.3% to 3.0%, is no victory. “Does that mean we are going to be all okay?” asks Mr. X. “No. Still, 3% is a massive, massive problem.”
No. 2: Resellers act as a major catalyst for fraud.
Some reseller groups now behave like well-funded e-commerce operations. With queueing and launch bots, they can lock an entire drop in carts within seconds. A venue may sell out, but real fans are left behind as tickets move to third-party marketplaces, and marketing loses the direct connection with buyers.
Chargeback exposure grows, too. Some resellers file disputes on unsold inventory after the event, often behind burner emails, addresses and cards that make winning the chargeback nearly impossible. Others double- or triple-sell the same barcode, creating problems for ticketing teams when multiple customers arrive with what appears to be a valid ticket.
“Every fraudster is a reseller, but not every reseller is a fraudster,” Mr. X says. “If I was a fraudster, let's say I have 10 credit cards, I wouldn't go to a random event. I would go to the event that resells. I would [look at] the third-party market. Which events are the most popular? Which tickets can I buy now and resell within 10 minutes on Facebook or third-party markets?”
High-demand shows are the perfect flip, because a fraudster can convert the $20 spent buying a credit card profile into hundreds of dollars of resale profit in minutes.
The amount disputed through chargebacks is only part of the damage. Teams face processor fees for each loss and escalating network penalties when thresholds are exceeded. There is also the time spent defending chargebacks and potential reputational strain with co-producers when payouts are held back just in case.
“We have seen organizations that dispute every single chargeback. Keep in mind, if you dispute a chargeback and you lose, [there are fees of] $30 to $50 on top of that, depending on the processor … You can dispute a second time if you lost. That's a $500 fee,” Mr. X says. “I've seen organizations that dispute nonstop. They don't even know that they're accumulating even more damages from disputing versus just eating up all these chargebacks.”
He continues, “Now, of course, there are penalties. And penalties are also very damaging. Visa and Mastercard track the rates of chargebacks compared to your sales. If you go above their thresholds, they would send you a warning, like, ‘Hey, things are getting out of hand. You need to watch out.’ If you are still above the threshold months later, they are going to put you on the program. Once you're on the program, you have to prove for consecutive months that you are below the threshold. If one month you're above, penalties can go from $25,000 to $200,000 to $300,000 to half a million dollars. Just because you cannot control the chargebacks.”
No. 3: Tools alone are not enough — layered strategies are critical.
Individual tools help, but criminals adapt, says Mr. X, adding, “There is not a single tool that is a silver bullet.” He also described common circumvention patterns, such as creating device history to bypass 3DS step-ups, compromising mobile tokens when phones are cloned and shaping behavior to match “good buyer” norms. Used on its own, any single control will eventually be defeated.
“Let's say I got someone’s credit card. It's so simple, it's mind-blowing,” Mr. X says. “I can create a virtual machine, take her credit card, go and make a $1 donation because it's under a certain amount. The transaction goes frictionless. I don't see the two-factor authentication. I wait a month. I do another transaction, this time for $300. All the rules are configured by people … The bank [sees that] there was already a transaction approved from the same device, from the same credit card. It went through … and there was no chargeback. Boom. It goes frictionless again. And just like that, I bypassed 3DS for $300.”
The fix is strategic, not singular. Treat tools like those in your garage, where they are not saviors but essential instruments to help achieve something bigger. Just as important, departments need to communicate with one another.
Mr. X explains, “I would say one of the most problematic things in the industry is … ticketing does not talk to finance, finance does not talk to IT, and they all live in their own silos. If someone comes to the box office and says, ‘I just bought these fake tickets’ … a lot of times, no one else besides the box office knows about that issue.”
Ultimately, what can live event and entertainment ticketing teams and organizations do? Collaborate like the adversary does. Let’s face it, fraudsters adapt quickly, and they collaborate. The ticketing community must do the same. By sharing intelligence, implementing layered defenses and building disciplined internal processes, venues can protect fans and safeguard revenue.
As a practical next step, Mr. X provided a two-page self-evaluation worksheet with prompts for IT, finance, ticketing and organizationwide policy. It was designed to help spark cross-team conversations and prioritize your next moves toward stronger, more coordinated fraud prevention.
Editor’s Note: For more insights and peer learning, plan to join your ticketing colleagues at the 47th Annual INTIX Conference & Exhibition, taking place Jan. 26-29, 2026, in Las Vegas. It is the perfect place to continue the conversation, learn from industry leaders, and strengthen your own approach to fraud prevention and beyond.