Ticketmaster warns of hacked mailing list, Adobe Reader spams sent out

Filed Under: Adobe, Featured, Malware, Spam

The UK branch of the ticketing firm Ticketmaster has warned its online customers that they might have received a series of unauthorised emails after its TicketWeb subsidiary's mailing list system was compromised.

TicketWeb email warning

It appears that the first Ticketmaster knew of the security breach was when a customer informed them via Twitter on Saturday.

Blogger David Cannings, shared more information about the unauthorised TicketWeb emails, which he discovered pointed to a bogus Adobe Reader download page.

Bogus Adobe download website

The emails reportedly claimed that the recipient's version of Adobe Reader was out of date and offered a link where a new version could be downloaded. Hardly the kind of email you would normally expect from Ticketmaster..

Bogus Adobe email

As regular readers of Naked Security should know well by now, the only place you should ever download an update to Adobe Reader (or indeed Adobe Flash) from is Adobe's own website.

TicketWebA spokesperson for the ticketing firm was keen to reassure customers that "no sensitive personal information or credit card information was vulnerable directly from the TicketWeb UK direct email marketing system during this incident."

Of course, there are two problems here. As well as customers needing to be warned about the unauthorised emails sent via TicketWeb's mailing list, Ticketmaster also needs to ensure that its various mailing lists can not be hacked again.

After all, customers will unsubscribe pretty quickly and take their business elsewhere if they find the email address that they have given Ticketweb, or or its parent firm Ticketmaster, is being used by spammers.

If a mailing list is compromised it can be a very effective way for fraudsters and cybercriminals to communicate maliciously with a firm's customers, with the advantage of bearing all the hallmarks and headers of a legitimate email from a company they trust.

, , , , ,

You might like

3 Responses to Ticketmaster warns of hacked mailing list, Adobe Reader spams sent out

  1. johnwbaxter · 794 days ago

    This is the sort of thing that causes me to use a vendor-specific email address with each vendor. (I've had surprisingly few instances in which an address leaked--one that did leaked around 1998, was at one point sent 400 spams a week, has been shut down for a long time (with no such address responses in SMTP) and still receives mailing attempts.That vendor no longer exists.)

    --John

  2. I told them at 2pm on Saturday - went to the bother of sending an email with all the headers. But they didn't tell users until Sunday. They hardly acted with "urgency."

  3. stuckinstandby · 793 days ago

    I've been doing something similar for about 15 years and have had a handful leaked.

    How do you configure the "no such address responses in SMTP"?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.