Emma Schmelzle was one of the lucky ones. Last August, she and her brother snagged tickets to Taylor Swift’s Eras Tour in Toronto for $91 each. The seats were partially obstructed, but the tickets were still a steal. A single Eras Toronto ticket is now selling for close to $3,000 at their cheapest on resale markets.
For more than a year, Schmelzle thought she was in the clear. Then, in September, her brother received an email: their tickets had been transferred out of his Ticketmaster account. Their chance to see one of the biggest tours in history was gone.
Working with Ticketmaster support in the week that followed, Schmelzle and her brother got the tickets back. But that scare — plus another a month later, when it appeared the tickets had been stolen again — has shaken Schmelzle’s faith in Ticketmaster.
“It feels unfair to those people who already jumped through hoops to get tickets in the first place,” Schmelzle said. “If they want to be the primary seller for concert tickets … there needs to be more security, because it’s unfair to fans.”
Ticketmaster says thefts have affected less than 0.1 per cent of fans. But the surge in reports of scams have left many fans frantically trying to protect their account, especially as Swift’s six concerts in Toronto begin on Thursday. Just this week, Peel Regional Police warned of ongoing scams targeting concertgoers in the GTA.
“If you are in the market for resale concert tickets this week in the GTA, please research where you are purchasing tickets from,” the police said in a release. “If it sounds too good to be true, it probably is.”
After all, the Eras tickets are like a lottery ticket. Get your hands on a good seat and it could pay for three months rent or a luxurious overseas vacation.
In a statement to the Star, Ticketmaster said its “digital ticketing innovations” have “greatly reduced fraud” compared to when PDF and paper tickets were used. The company first introduced SafeTix, a digital barcode that refreshes every few seconds, in 2019.
“Scammers are looking for new cheats across every industry, and tickets will always be a target because they are valuable,” a spokesperson said. “Ticketmaster is constantly investing in new security enhancements to safeguard fans.”
There are things you can do on your end, too, to ensure your tickets are as safe as possible. Here’s what experts recommend.
Use strong, unique passwords
The first way to protect yourself is to use complex and unique passwords on all your accounts.
“If people have passwords that are memorable, they are passwords that are easily hackable,” said Evan Light, a surveillance and privacy professor at York University.
Jane Arnett, strategic sales manager at security software company Check Point, recommends using passwords that are more than 20 characters long and include misspelled words, fun numbers and different languages.
Don’t use the same password in different places. Doing so can make much of our online activity “insecure,” Light said.
In its statement to the Star, Ticketmaster said that security issues often originate from personal email accounts.
Because password resets from other accounts are sent to your email, make sure your email password is “really, really strong,” Arnett said. “Make it unique and very long.”
Change your password during the 72-hour transfer window
In October, as reported scams and thefts of Eras Tour tickets surged, Ticketmaster enacted a new rule that stopped all ticket transfers until 72 hours before the event.
Arnett recommends changing your password during that window “if you really want to see this concert.”
Be careful what contests you enter
In the mad dash to get tickets to the Eras Tour, some fans are entering hundreds of contests and giveaways. They can be great opportunities for free tickets — Rogers has given away 1,120 tickets through its national contest alone — but it can also put your data at risk.
Arnett warns that contest runners may not actually be who they say they are. Even if they are, they might not be diligent about protecting your data, she said. She recommends setting up a separate email address to enter contests: “Just be really careful about who you’re giving your information to.”
Use a password manager
Arnett recommends changing your passwords once or twice a year — and immediately if a company you have an account with has a data breach, as Ticketmaster did earlier this year.
If it sounds impossible to remember all these passwords, that’s OK. Gone are the days where recording your password somewhere is sacrilegious. In fact, Light said he doesn’t memorize all his passwords.
Instead, he uses a secure password manager. Arnett keeps all her passwords in one as well, with the exception of her main email address and bank account.
Most browsers like Chrome offer their own password manager. Other options include 1Password, Bitwarden and Dashlane.
Stay vigilant
Data is a hot commodity, Arnett said, and it can be hard to tell what a company is doing to protect it.
“It is very difficult to be able to tell what the defences inside a castle are when you’re standing on the other side of the moat,” Arnett said. “There are always threat actors out there who are trying to get into every company.”
“Be on extra high alert up until the day, and good luck.”
