The Fast and the Fraudulent: Outpacing Fraud Attacks and Chargebacks

It’s becoming more common for ticketing to be targeted by fraudsters, especially with the growing popularity of digital tickets that can be printed at home and the advent of the dark web where stolen credit card data and other personal information is readily available. And with every dollar of fraud carrying actual costs that are two or three times higher, waging a successful battle against it takes a concerted effort, as attendees at INTIX 2019 discovered when two experts provided what they described as an “entry-level overview” of the problem.

Holly Sandberg, Credit and Fraud Manager for Paciolan, and Mandi Grimm, Fraud Manager at Etix.com, both had plenty to say when they took the stage in Texas. Their overall message, however, could be summed up in just two words: Be aware.

Fraud is on the rise, they warned, and the fraudsters are starting to get bolder. In fact, card-not-present fraud is now so common everywhere that it’s becoming increasingly difficult to get the attention of law enforcement agencies. Still, Sandberg and Grimm advise reporting all incidents of fraud.

“Our law enforcement partners are heroes in fighting the good fight against fraud, but they need to allocate their resources where they will do the most good,” notes Sandberg. “When multiple venues and organizations work together to share knowledge and evidence with law enforcement, a group of small cases can become one big case. That case has a better chance at success and a bigger impact on shutting down fraud rings.”

Sandberg also urges everyone to take advantage of the FBI’s Internet Crime Complaint Center, which accepts online complaints and stores them in a database that can be accessed by those investigating fraud cases.

“Whatever you submit to the IC3 portal goes into a giant mega computer somewhere that's churning away looking for similarities and patterns,” says Sandberg. “I can't promise that you are going to feed information into this and an FBI agent is going to be at your door saying we're going to get the bad guy. It might just feel like the information is disappearing into the ether, but it really is doing something. It may not be something that you ever see an impact from, but be aware that it is definitely the best chance that anybody has at making a dent in this stuff because there's so much of it.”

Collaboration Is Critically Important

Grimm agrees that sharing information is critical, especially considering that fraudsters collaborate with one another on their forums and through other means of communication.

“The information they are sharing is how to defraud specific businesses — they learn the thresholds and vulnerabilities then communicate it within their networks,” she says. “This makes venues more vulnerable because multiple people are going to hit them. On the other hand, legitimate venues hesitate to share information, such as we have been hit by this trend, or this ring, or this person. When the ‘good guys’ are able to build networks and trust within their industry and community, they can better slow down, prevent or stop fraudulent transactions from occurring at their venue.”

Triangle Scheme

To help INTIX attendees understand how fraudsters are benefiting from stolen credit card data, Grimm gave an example of a triangulation scam in which Freddie the Fraudster offers discounted tickets to a popular event for sale on Craigslist or eBay. Once an unsuspecting person offers to purchase the tickets, in this case she’s called Debbie, the fraudster collects the money, but then uses another person’s credit card data that they bought on the dark web to order the ticket from the venue. The tickets are then sent to Debbie’s address using personal information she willingly provided to the fraudster. It is then up to the legitimate cardholder, we’ll call her Tina, to dispute the charge. Grimm picks up the story from here:

“So, what has happened here? Tina calls her bank and says, ‘I don't know what this charge is,’ and a chargeback process begins. In the meantime, Debbie gets the tickets, and as many of you have probably encountered at least once, she shows up at the venue. Once you've got the chargeback, you decide whether to cancel the order. It’s important to realize and to understand that when Debbie shows up at the venue on the day of the show, she probably has voided tickets in her hand. Freddie the Fraudster got Debbie's money and the venue then loses the chargeback and incurs the expenses associated with fighting it, because it is a case of true fraud.”

Customer Service Still Counts

At this point, Sandberg jumped into the discussion, recommending that ticket office staff choose their language carefully when dealing with people who have invalid tickets.

“These people are already in a difficult situation,” she says. “They were all excited about seeing the event. If you have inventory to sell them, in their minds they’re now paying twice. If you don’t, they are being turned away. There are sometimes tears, sometimes yelling. From a customer service perspective, the situation requires a certain amount of empathy.”

Detecting and effectively dealing with this type of fraud relies heavily on the training that ticket sellers have received and the tools that are available to them, including understanding their customers and implementing correct credit card authorization protocols.

Risk Factors

According to Sandberg and Grimm, there are many risk factors to watch for. For example, if you are being targeted by a fraudster, they may float a few transactions to see how you respond to them.

“They are looking basically to see where your vulnerabilities are,” says Sandberg. “When they find them, that's when the large-scale activity is going to come through.”

Here are five red flags that Sandberg and Grimm recommend knowing and watching:

1. High-dollar inventory

“If you have high-dollar inventory that’s not quite knocking it out of the park as far as demand, it’s just kind of sitting there, the fraudsters, in my experience, really love to pick that up. They'll buy it from you for $500 and go sell it for $100 or even $10. It doesn't matter — it’s all profit to them because it’s stolen money,” says Sandberg.

2. Risk increases as the event approaches

“Once you decide you're safe, maybe three days out, the fraudsters are watching us the same way we are watching them, so they will buy five days out,” says Sandberg. “If they figure out we're watching transactions over $500, they will spend $300 three times. So, there is always a push-pull that we try and keep an eye on. You’re never finished fighting fraud. Adaptation and analysis have to be an ongoing process.”

3. Sales anomalies

“Run a daily report, look at things. You know your business better than anybody else, so if you look at something every day and just kind of skim a ticket count report or a list of emails or sales at particular dollar amounts, you are going to know when it doesn't look like what it’s supposed to look like and then you can reach out for help,” says Sandberg. “Sometimes people will ask, what are we looking for? My best advice is to just watch. Look daily at what's going on in your business and if something seems to be too good to be true, like a big spike in sales for instance, it might be something that you should take a closer look at because there might be a more nefarious explanation for what’s going on.”

4. Delivery methods

“Traditionally, the bad guys have gone after digital delivery and print at home,” warns Sandberg. “But we are seeing them targeting will call and then trying to pick their tickets up early, days in advance, and then they have hard tickets that they can go and sell.

Calling into customer service for name changes, and hitting will call or group sales and premium sales in creative ways is another avenue for fraudsters.

“Never assume that one channel is always where your risk is,” Sandberg continues. “If you are shipping to different billing and ship-to addresses, again lots of legitimate orders have this, but when you are weighing whether or not something looks kind of off to you, it’s typically never just one slam dunk thing. You are looking at what’s tipping the scales. You might have different billing and shipping, but you've got a positive history and you've got a good AVS address response or CVV match, so that order might be fine. But when you have pile of different billing and shipping addresses with a weird looking email address and something else all on that side of the scale, that’s when you might want to look a little closer.”

5. Zip codes

“Many of you have probably seen this — all of a sudden you have a ton of sales outside of what you might expect to be an average radius from where your buyers are coming,” says Grimm. “Historically, that’s been something that would be a red flag. Now fraudsters realize that you’ll be watching for that, so if they know you are treating orders with a zip code that is 400 miles away as being suspicious, they’ll buy stolen credit card data that is closer to your venue so they can fly under the radar.”

Chargebacks

If ticket sellers are not vigilant, it won’t be long before the chargebacks begin to pour in. People whose credit cards are being used without their authorization usually start the process when they see an unexpected charge on their statement. Thus, begins a long and potentially costly battle which you may or may not win. It could end up in a second chargeback being filed.

Sandberg stresses the importance of responding to all enquiries for chargebacks in a timely fashion. This is ever-evolving, and some card brands have recently changed the rules.

“I would hate to see anybody lose a chargeback because they thought they had more time to respond to it, and it turns out that they didn't,” she says. “There are some areas with these things where you can argue things back and forth, but being past the due date is never one of them. That's it, you've lost the opportunity to fight for that money.”

What if the event hasn’t taken place yet? Grimm’s advice is simple. If the event has not yet taken place, and especially if it looks like a true fraudulent charge and it’s just a chargeback, for whatever reason they give you, go ahead and issue a refund when you are able to.

“As long as they are not abusing the chargeback policy, it’s good customer service to go ahead and issue that refund. It’s going to save you a lot of time and money in the long run because you might win the case before the show happens, then they file a second chargeback, you lose it and the show has already happened. You've paid the promoter or whoever it is that you are settling with, so you are already out that money and you don't have a chance to recoup it,” explains Grimm.

If you do choose to fight a chargeback and have compelling evidence, Sandberg says you should definitely include it.

“In the past, I could submit a picture of Mandi at the concert taking a selfie with the band behind her that she posted on every social media outlet and it wouldn’t matter; the banks would just say it’s a card-not-present transaction. Mandi says she didn't do it. That's that, she gets her money back. That has changed and continues to change,” says Sandberg.

Friendly Fraud: Not an Oxymoron

Friendly fraud occurs when authorized cardholders dispute legitimate charges to their cards, trying to get a refund under the pretense that the ticket seller made an error or refused to resolve a complaint.

“People can be really brazen about this because they know that the rules favor cardholders,” says Sandberg. “I’ve seen people try to get refunds because the performer didn’t play their favorite song, or their lyrics were all about smoking pot and someone near them was smoking pot. I have had people on the phone tell me that they just received a high electric bill, so they could no longer afford the tickets they bought so they are disputing the charge.”

“We've had people call and say they gave their child a credit card when they went to college for emergency purposes,” adds Grimm. “Then the child decides an emergency is to buy tickets to whatever, so the parent starts disputing that chargeback. That’s not our fault, but it does happen regularly.”

Both Sandberg and Grimm agree that although such incidents can be very irritating, they too need to be handled with care.

“After you go scream in a pillow and come back and deal with how to respond to that chargeback, be aware that there are differences in how you want to handle that,” says Grimm.

A Final Word

Sandberg and Grimm ended their presentation in much the same way as it began: Fraud is becoming a bigger problem every day. Indeed, fraudsters are constantly seeking new ways to get their hands on stolen credit card data and use it to steal. It’s important to keep one step ahead of them. The best way to do that is to collaborate, both within the industry and with law enforcement. And with that, a final cautionary note from Sandberg in response to a question from the audience about seeking outside help to eliminate fraud altogether.

“I'm always a little leery when someone comes to me and says, ‘I can stop all your fraud, but to do that I have to cancel three percent of your transactions.’ We can do that, too. If you let us cancel three percent of your transactions, you won't have any fraud. But maybe only one percent of your transactions are attempted fraud, so something doesn't quite add up there. Event tickets are experiential. If a fraud solution vendor is heavy handed and cancelling a lot of legitimate orders, it’s different than hard merchandise. A venue just can’t go to a stock room, get another lifelong concert memory or best game ever off a shelf and apologize for the inconvenience if a good order gets cancelled. We have to get it right. Sometimes, I think people just freak out and they hire somebody. Sometimes that’s absolutely the best thing to do, but sometimes it’s not. Don’t be intimidated by building your own in-house process to deal with fraud.”