Ticketmaster warns of hacked mailing list, Adobe Reader spams sent out

Ticketmaster warns of hacked mailing list, spams sent out

The UK branch of the ticketing firm Ticketmaster has warned its online customers that they might have received a series of unauthorised emails after its TicketWeb subsidiary’s mailing list system was compromised.

TicketWeb email warning

It appears that the first Ticketmaster knew of the security breach was when a customer informed them via Twitter on Saturday.

Blogger David Cannings, shared more information about the unauthorised TicketWeb emails, which he discovered pointed to a bogus Adobe Reader download page.

Bogus Adobe download website

The emails reportedly claimed that the recipient’s version of Adobe Reader was out of date and offered a link where a new version could be downloaded. Hardly the kind of email you would normally expect from Ticketmaster..

Bogus Adobe email

As regular readers of Naked Security should know well by now, the only place you should ever download an update to Adobe Reader (or indeed Adobe Flash) from is Adobe’s own website.

TicketWebA spokesperson for the ticketing firm was keen to reassure customers that “no sensitive personal information or credit card information was vulnerable directly from the TicketWeb UK direct email marketing system during this incident.”

Of course, there are two problems here. As well as customers needing to be warned about the unauthorised emails sent via TicketWeb’s mailing list, Ticketmaster also needs to ensure that its various mailing lists can not be hacked again.

After all, customers will unsubscribe pretty quickly and take their business elsewhere if they find the email address that they have given Ticketweb, or or its parent firm Ticketmaster, is being used by spammers.

If a mailing list is compromised it can be a very effective way for fraudsters and cybercriminals to communicate maliciously with a firm’s customers, with the advantage of bearing all the hallmarks and headers of a legitimate email from a company they trust.