By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    Malware Reigned Supreme In 2012
    12 months ago
    BEWARE THE THINGBOT!
    12 months ago
    Is your PC a part of botnet? Check it!
    12 months ago
    Latest News
    Beware of scammers! Dangerous apps in the App Store
    6 hours ago
    How To Limit Login Attempts on WordPress (+ Should You?)
    1 day ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (September 18, 2023 to September 24, 2023)
    1 day ago
    Two privilege escalation vulnerability in Simple Membership Plugin
    2 days ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    The creator of malware has infected her own computer
    12 months ago
    Windows 11 build 25163 out with new Taskbar Overflow feature
    12 months ago
    How to fix Microsoft Store not working on Windows 11
    12 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    8 months ago
    Now you can speed up any video in your browser
    8 months ago
    How to restore access to a file after EFS or view it on another computer?
    8 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    9 months ago
  • How To
    How ToShow More
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    9 hours ago
    Privacy-preserving measurement and machine learning
    Privacy-preserving measurement and machine learning
    9 hours ago
    Encrypted Client Hello – the last puzzle piece to privacy
    Encrypted Client Hello – the last puzzle piece to privacy
    9 hours ago
    Reminder: Enable two-factor authentication wherever you have it. This business
    13 hours ago
    ​​Know exactly when your data is transferred to GoogleIn a world where our data is permanent
    13 hours ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    VK Messenger update
    9 months ago
    How to block a website in iOS?
    9 months ago
    How to post photos to Instagram from a computer?
    12 months ago
    Latest News
    How to enable extensions for Google Bard AI
    7 hours ago
    Window 11 Copilot: 10 Best tips and tricks
    14 hours ago
    How to create AI images with Cocreator on Paint for Windows 11
    2 days ago
    How to install September 2023 update with 23H2 features for Windows 11
    3 days ago
  • Glossary
  • My Bookmarks
Reading: Why you shouldn’t post tickets with barcodes online
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
Wordpress Threats

Why you shouldn’t post tickets with barcodes online

Vitus White
Last updated: 7 October
Vitus White 4 years ago
Share
9 Min Read

Security experts and media pundits warn people to avoid posting pictures of their tickets online. Many people follow this rule, but not everyone. Time and time again and again, we see photos of tickets on social media, especially on Instagram. Just check the #tickets hashtag and you’ll see.

Contents
Why is doing this a bad idea again?Is it really that serious?Why do they make individual tickets with names if one can easily forge them?Is there any way to post tickets safely?

Why is doing this a bad idea again?

The problem with these types of posts is that people post tickets for events happening in the future and forget to blur out or cover up the barcodes and figures beneath them. Bad guys can copy the this information from these photos and use them to duplicate tickets — and resell them or visit the event at the expense of the victims.

The same rule holds true for airplane tickets: hooligans won’t take your place on the plane but they can literally ruin your trip — book the worst seats for you or even cancel your return tickets. All of the necessary information for this trick is printed on your airline tickets, so don’t post them online. Just don’t do it.

Is it really that serious?

Do you remember an Australian woman named Chantelle who won $825 at Melbourne Cup horse race? She posted a selfie with her ticket and lost all of the prize money.

Almost every huge event attracts cybercriminals attention. Last year British citizens lost £5.2m to ticket fraud and the situation has not changed for the better. Major sporting events such as the Rugby World Cup or the Euro 2016 championships are on the top list of ticket scams. Concerts and festivals come next.

7 reasons you shouldn’t post your boarding pass online https://t.co/rjMLtV2vE1 #travel #Traveltips pic.twitter.com/wjntp7MazC

— Kaspersky Lab (@kaspersky) November 6, 2015

Ticket services typically have rules that say that every client must not provide data from the ticket to third parties. Publishing a photo of your ticket online equals to sharing your data with anyone who sees the picture. So if you do it, don’t blame the ticket services — they cannot do anything should you disregard their rules and give your ticket away to strangers.
Posting tickets online is also a great way to alert burglars to the date and time that you will be away from your home.

Why do they make individual tickets with names if one can easily forge them?

When one person posts their ticket picture online, that can start a slippery chain of events where another one buys a fraudulent ticket from private sellers and the original purchaser or duplicate purchasers cannot attend the event – simply because someone else used their tickets and gotten there before them. Is there any way to solve this problem? Of course, event managers can verify your ID at the entrance — something like two-factor verification. But in real life, this approach is far from perfect.

For starters, ticketholders can become irritated if there is strict control matcing tickets to names. Secondly, it’s not practical. If the event gathers hundreds of people you can check their identities and not spend too much time doing that. If it gathers 30,000 people — it’s almost impossible. Imagine a concert that doesn’t start because visitors stay in queue for hours. Nobody would want to miss the beginning of the concert because of strict security measures.

Be carefull guys, always hide the barcodes when you post a picture of your ticket(s) online! You never know… #Dominator

— Dominator Festival (@DominatorFest) April 4, 2015

In addition, it’s plainly dangerous to have licenses, passports or other forms of official ID out in the open at mass events — thieves can easily steal such things in the crowd. From the other side, concert managers can meet victims halfway and offer them some seats — even if they won’t be as good as those they’ve bought in advance. This approach also has its own disadvantages. Some people abuse the situation: they give their tickets to the friends to let them come in for free and go to event managers to solve the “problem”. That’s why many ticket inspectors don’t believe people with already used tickets.

Unfortunately, there is no universal solution to this problem — we would have to invent a new ticket identification system to do that. Until that time all of us should be vigilant and never publish tickets and documents online.

Male arrested following sale of fraudulent concert tickets https://t.co/LmuBSX8uWB #fraud pic.twitter.com/oyWplnxyYG

— Ont Police Reports (@OntPoliceReport) July 15, 2016

Is there any way to post tickets safely?

Yes, there is a semisafe way. If you want to post a ticket online you need to know what to hide. That’s why you have to be familiar with barcodes and how they work.

There are 1D barcodes used to code small pieces of information and 2D bar codes — to pack big amount of data.

1D bar code is based on the binary code. Well, ok, it’s a bit more complicated: each denary digit is formed with 7 lines which can be either white or black. Sometimes black lines are not separated with white lines thus making thicker black lines. The last bars of the code usually denote check digits, that are used to confirm the reading accuracy. Cinema, concert and airplane tickets often contain several check digits that confirm data provided in the barcode.

How does Barcodes and Barcode Scanners Work ? https://t.co/rs30ybjPN1 pic.twitter.com/M67I3dyxOu

— Latest Hacking News (@7H3Wh173R4bb17) June 15, 2016

One of the most widespread 2D barcodes is QR-code. Mostly it’s used to quickly open websites on mobile devices, but not always: for example, you can find them on India’s IRCTC train tickets. Many flight boarding passes also contain a 2D barcode (not exactly QR, but a PDF417). Here is a good page that tells about the use of 2D barcodes for ticketing on Quora.

2D barcodes consist of black and white squares, which are – you’ve guessed it – also 1 and 0. But 2D barcodes are more complicated than 1D, as they usually have not only some check digits, but also special areas used for the cameras to recognize 2D barcodes as barcodes. For example, QR codes have these three distinguishable squares in their corners.

If you want to post tickets online you need to blur out the barcode entirely together with figures below. Though ticket inspectors use scanners to read barcodes only, criminals can recover the code from the figures given below.

Are you really going for a Coldplay gig if you haven't posted a picture of your ticket online?

— Azeem Banatwalla (@TheBanat) June 16, 2016

All in all we don’t recommend posting tickets on the Internet before the event even if you blur over the code — criminals with proper experience in social engineering can lure the missing data out of you and your surroundings. If you want to share the joy with other people you can simply write something like this: “Hi, everybody! I’m going to the Black Sabbath farewell concert!”


Source: kaspersky.com

Translate this article

TAGGED: SASE, Security, Social engineering, Threats
Vitus White October 7, 2022 September 30, 2019
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Cloudflare now uses post-quantum cryptography to talk to your origin server
Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps 9 hours ago
Privacy-preserving measurement and machine learning
Privacy-preserving measurement and machine learning
Apps 9 hours ago
Encrypted Client Hello – the last puzzle piece to privacy
Encrypted Client Hello – the last puzzle piece to privacy
Apps 9 hours ago
Beware of scammers! Dangerous apps in the App Store
Threats 9 hours ago
How to enable extensions for Google Bard AI
News 10 hours ago

You Might Also Like

Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps

Cloudflare now uses post-quantum cryptography to talk to your origin server

9 hours ago
Privacy-preserving measurement and machine learning
Apps

Privacy-preserving measurement and machine learning

9 hours ago
Encrypted Client Hello – the last puzzle piece to privacy
Apps

Encrypted Client Hello – the last puzzle piece to privacy

9 hours ago
Threats

Beware of scammers! Dangerous apps in the App Store

9 hours ago
Show More

Related stories

How to upgrade to Windows 11 23H2 with Installation Assistant
How to install September 2023 update with 23H2 features for Windows 11
Critical Vulnerability in Forminator Plugin
How to get the latest Windows 11 innovations
How to blur image background in Photos for Windows 11
How to download official Windows 11 23H2 ISO file
Previous Next

10 New Stories

Reminder: Enable two-factor authentication wherever you have it. This business
​​Know exactly when your data is transferred to GoogleIn a world where our data is permanent
​​Fake correspondence with the iPhone interfaceIn a world where digital communication is
​​Let's find out who is watching your Instagram stories from a fake Have you ever wondered
Window 11 Copilot: 10 Best tips and tricks
How To Limit Login Attempts on WordPress (+ Should You?)
Previous Next
Hot News
Cloudflare now uses post-quantum cryptography to talk to your origin server
Privacy-preserving measurement and machine learning
Encrypted Client Hello – the last puzzle piece to privacy
Beware of scammers! Dangerous apps in the App Store
How to enable extensions for Google Bard AI
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?