Scammers are good at doing one thing: Finding unsuspecting victims and creating some sort of urgency to give them as little time to think as possible. With Taylor Swift coming to Australia for the first time in many years, a lot of her fans were looking to secure tickets, leaving many without one. Scammers noticed the desperation in people who didn’t buy a ticket, and they decided to find ways to take advantage of that. 

Not only that, hackers were able to get into individuals’ accounts, steal the tickets that they bought and then sell them to another party. Both the original buyer and the second-hand buyer ended up being scammed. Up until now, over $183,000 has been lost, with thousands more not yet calculated in the total number. 

To respond to the scammers, Ticketek, the official ticket seller, took action after the first reports came in. However, the response wasn’t quick enough, leaving many people without tickets long before the event. The individuals’ accounts were compromised by information that was collected by other sources and by the time Ticketek took action, many tickets were already resold. The fans were angry at the company and were also disappointed by the lack of updates by Ticketek on their situation. 

What could have been done better?

A quick response is always crucial to ensure there is the highest chance of recovering what was lost. Other things that could have been done better are: 

Multi-factor authentication 

When customers log into their accounts, it is always advisable that they have set up a multi-factor authentication. That way, if scammers try to log in to the account, then they are alerted and access is denied. Multi-factor authentication should also be present when someone tries (in this scenario) to sell a ticket, or change bank details and other personal information such as passwords. This ensures that the customer has greater protection, and there are more ways for the scammer to be stopped. 

Alert notifications 

If someone has changed bank details or has put something for sale, a notification should be sent to the customer’s mobile phone or email alerting them this change has been made. Internally, a company should have an analytics/detection engine where a case is created when potential fraud is detected. It could be someone changing both bank details, name, password, and trying to sell something that they have bought. At Polonious, we integrate with software that allows us to notify a customer of a potential fraud case and initiate a quick investigation. Once we have a ping that suspicious activity is detected, we alert the responsible teams, to ensure a quick response if an investigation is needed.

Employ a case management system

Case management systems can help companies streamline their investigative process by automating many administrative tasks. They can help them manage their workload, generate case reports and keep everything within the investigation confidential. Case management systems act as a friend to investigators; they keep their work organised and helping them analyse complex information. Having a successful integration between a case management system and a transaction handling software could alert the company of potential fraud before a customer even realises what is going on. The instant response could be to freeze the account, allowing for an investigation to take place before another action is taken. 

At Polonious we are ISO 27001 and ISO 9001 certified, highlighting our commitment to delivering an efficient, high-quality system that is secure and trusted by many organisations around the world. 


How to protect customers against scammers

Raise awareness 

This is not specific to this scenario but financial institutions, retailers and any type of company that deals with financial transactions should raise awareness about potential scammers that customers may face. It could be something simple like an email, text message or a social media campaign informing customers and potential customers of the risks and scammers that try to target them. Scams focused on the cost of living, medicare or government-related matters, post office issues and big upcoming events tend to be more successful just because people have less time to think and want to deal with the issue they have fast. 

If awareness is successfully raised, then customers may take a step back and consider what they are looking at before they take action. 

Educate customers 

Just like employees, customers need to be educated on what is the best thing to do when making a financial transaction. For example, if they are dealing with a reseller, the best thing to do is buy from an official ticket website. They could also refuse to share their own bank details, instead asking the reseller to send them theirs. Using a secure payment method with buyer protection is always advisable, as it will be easier to get the funds back if they realise that they’re dealing with scammers. 

Share with them what they should and should not do in general as well as in specific situations. Encourage them to give the company a call if they are in an uncertain situation. Some scammers try to discourage victims from giving the bank a call but it should be communicated that it is always ok to do so. 

Have strong policies 

Having a strong anti-fraud policy ensures that fraud risk is part of regular risk assessments. It also assists in building a fraud-aware culture and an ethical workplace that cares about preventing fraud and responding quickly to incidents. A strong anti-fraud policy could outline the mandatory training staff receive to be aware of fraud as well as the actions taken to protect customers against scammers. A fraud response plan may be necessary when dealing with customers’ fraud as a lack of appropriate response can cost them and make them feel like the company doesn’t care about them as an individual. 

Scammers will keep targeting vulnerable victims

As an organisation, you should consider in what areas customers may be targeted by scammers to prevent negative sentiment towards your business. The rule of thumb is: If it sounds too good to be true, it probably is. Encourage customers to do their research before making a transaction and contact you if they need help. 

If you are looking to investigate customer fraud, Polonious is already helping many companies worldwide achieve a faster and more efficient investigation. Your customers are not the only ones who have fallen victim to scams, in Australia at least 300,000 scams were reported in 2023. In stressful situations where many of your clients are affected, we can help you manage your workload so your investigators only deal with the important tasks. We offer job prioritisation and automation of manual tasks to reduce human error and ensure a better investigation. If you want to hear more about how Polonious can assist you, reach out and book a demo!