Don't miss this act
Been to a lot of concerts this year? If you're someone who minds your budget, we bet your answer is a resounding no. Live concert tickets are expensive. And the Federal Trade Commission (FTC) is getting to the bottom of the sneaky tricks that may be keeping many of us from finding affordable event tickets. Just last week, the FTC and seven states sued Ticketmaster and its parent company, Live Nation, alleging that the companies allowed ticket brokers to buy millions of dollars’ worth of tickets in the primary market and then allowed the same tickets to be resold on the Ticketmaster platform at a substantial markup, causing consumers to pay significantly more than the face value of the ticket. The FTC alleged that Ticketmaster engaged in bait-and-switch pricing by advertising lower prices for tickets than what consumers had to pay for them and that it deceptively claimed to impose strict limits on the number of tickets that buyers could purchase for an event, even though it allowed ticket brokers to exceed those limits. An FTC press statement states that a senior Ticketmaster executive admitted in an internal email that the companies “turn a blind eye as a matter of policy” to brokers’ violations of posted ticket limits. For example, the statement reads, an internal review showed that just five brokers controlled 6,345 Ticketmaster accounts and possessed 246,407 concert tickets to 2,594 events. And how high were the markups, you ask? Ticketmaster allegedly hid mandatory fees as high as 44% of the ticket price, and—get this—didn’t add the fees to the price of tickets until the very end of the transaction, and—surprise!—still failed to clearly detail the extra fees before consumers paid for the tickets. We'll certainly keep an eye on how this resolves. And come to think of it, we may look for a nice, hopefully more affordable, show to catch this fall.
There should be a law—or a few
In mid-September, an attorney with the National Consumer Law Center (NCLC) appeared before Congress to make the case for stronger consumer protections to combat payment fraud. During a congressional hearing titled “Fraud in Focus: Exposing Financial Threats to American Families,” senior attorney Carla Sanchez-Adams said that "payment fraud impacts all people—regardless of age, race, income, education, or political affiliation, and technology has created new ways for criminals to steal money.” According to an NCLC statement (and readers of SCAM GRAM certainly know this), consumers are plagued by problems with unauthorized transactions and fraud involving peer-to-peer payment apps, crypto-assets and exchanges, wire transfers, check alterations and forgeries, and Electronic Benefit Transfer card skimming. Sanchez-Adams called on financial institutions and companies that design and run the payment systems to take more responsibility to keep out criminals, ensure the systems are safe, and protect consumers. She also called on telecom and social media companies to take steps to block criminals from sending texts and using platforms to reach victims. Check out NCLC's four policy recommendations here. They include closing gaps in consumer protection laws; establishing interagency collaboration to assist consumers with reporting fraud; and addressing the role of telecommunications providers in facilitating fraud. A great list, indeed, that can go a long way to protect consumers.
Dinner and a show
Delivering us from false advertising. Last month, Reuters reported that online food delivery platform Grubhub agreed to pay $7.1 million to settle a class action that accused it of falsely advertising that it was partnered with thousands of restaurants. The settlement class, Reuters explains, includes about 387,000 businesses that Grubhub allegedly advertised as participants in the company's delivery services without consent. Top Class Actions explained that the 2020 lawsuit alleged that practices by Grubhub resulted in a "poor experience for restaurant patrons because Grubhub isn’t actually coordinating with the restaurant, leading to the use of outdated menus on the service, canceled orders and delayed deliveries." (We wouldn't wish such a poor customer experience on any hungry consumer, whether friend or enemy, regardless of delivery platform.) The plaintiff restaurants alleged that the practices damaged their reputations and reduced consumer demand for their services. According to Top Class Action's description of the case, plaintiffs also alleged that Grubhub's goal was to force restaurants to become actual partners. Although Grubhub denies any wrongdoing, we anticipate the settlement will help ensure an overall better experience for consumers, restaurants, and the services that deliver our daily bread.
Vegas ruse? In case you missed it, "biebergate2025" appears to serve as a back-to-basics example of what has been described as a (quite literal) impersonation scheme. No, it doesn't relate to a phishing email offering fake tickets to a Justin Bieber concert, nor to an AI rendering of Bieber making a fake product endorsement. Instead, it's about what several news headlines announced: "Justin Bieber impersonator dupes DJ, ends up on Las Vegas stage" (NBC); "Justin Bieber imposter banned from Las Vegas nightclub after duping crowd" (KRON 4); and "Justin Bieber impersonator dupes Las Vegas nightclub, sings on stage" (USA Today). As news outlets reported, one mid-August night at the XS Nightclub, in the Wynn Las Vegas Hotel, the spinning DJ was told that Bieber was in the house and wanted to perform the song "Sorry." USA today quotes DJ Gryffin as saying that he is the one who ended up being sorry when he learned, after "Bieber's" performance, that the person on stage was not the real singer. (Gryffin now refers to the imposter as "bustin jieber," according to KRON 4's report on the matter.) By all accounts, the impersonator looked and sounded like the real thing. And the public—the consumers—at the venue enjoyed the show and were none the wiser, according to reports. However, there were consequences for the impersonator. The Wynn Hotel told USA Today that he was "removed from the resort and denied future entry." The paper also mentioned an interesting twist, injecting some potentially reasonable doubt as to the facts of biebergate. The professional manager of a French Justin Bieber impersonator told USA Today that the impersonator did in fact go to the club, but that he was asked if he would like to perform. We'll let you be the trier of fact in this Vegas intrigue, and suggest you use your best judgment next time you see your favorite performer on a local stage.
Tips
Quick run to the ATM. In a recently updated article, AARP warned the public about the increasing availability of cryptocurrency ATMs and how they help criminals steal consumers' money. AARP acknowledged that, although crypto ATMs are a legitimate way to convert dollars into cryptocurrency, the machines are also a favorite tool for scammers. Citing law enforcement, AARP says that crypto ATMs are used in government impostor scams, romance scams, employment scams, and other types of fraud. AARP emphasized that "scammers love" these ATMs because they can quickly move victims’ cash into cryptocurrency accounts that are owned by criminals and are tough to trace. The article explains that, according to the U.S. Secret Service, once the money is on the crypto "block chain or public ledger,” criminals can transfer and launder it in many ways. AARP describes a case in which a consumer was told that her accounts had been compromised but that the government would help protect her money. She was provided a QR code to scan into the crypto ATM, allowing the money she deposited to go directly to the scammers' crypto wallet. The consumer ended up losing $159,000. AARP urges consumers to protect themselves, and offers a reminder by the Fairfax County Police Department in Virginia: “Legitimate businesses and government agencies don’t take payment through crypto ATMs.” Certainly straightforward, and anything but cryptic advice.
Job seekers beware. Orlando's WKMG News ran a story last week about an increasing number of job scams. The outlet shared the story of a job seeker who, after posting his resume on Indeed, received an email inviting him to interview for a delivery job. He got the job and worked on picking up and delivering items for 30 days. He then discovered that the company's website was shut down and its phone numbers disconnected. He also learned, as WKMG reported, that the Better Business Bureau had issued an alert about others having worked for the same company without getting paid. The news story featured an expert from the cybersecurity firm Trend Micro explaining that they are seeing lots of job scam text messages and that an increase in layoffs has provided scammers a lot of opportunity to take advantage of job seekers. The story includes several tips from the FTC, including a recommendation to search the company name online along with the word "scam" or "complaint." They also warn that a supposed employer asking for money should be a red flag that you're dealing with a scam. The scam victim featured in the story is not just concerned about having worked for a month without pay—he also provided the company his driver's license and Social Security number, and wonders if they might use the information to steal even more from him. For more tips on avoiding job scams and reporting any you might encounter, check out this blog post from the FTC.
Helping homeowners. Arizona Attorney General Kris Mayes recently announced a lawsuit against the alleged perpetrators of a real estate scheme that stripped vulnerable homeowners of their property. The news serves as a reminder for homeowners everywhere to be wary of equity stripping and foreclosure prevention scams. According to AG Mayes's press release, the defendants in the Arizona case operated under misleading names such as “Hands with Hope,” advertising themselves as professionals who could “rescue” homeowners from foreclosure. Instead of helping homeowners in need, the release states, the fraudsters tricked them into signing over the deeds to their homes. Fraudsters relied on lies, shell companies, and illegal notarizations to pull off the scheme, AG Mayes explained. Some of the scheme's particulars suggest several red flags that homeowners should watch for to avoid similar scams: 1) The fraudsters contacted homeowners facing foreclosure and offered to bring the mortgages current; 2) Victims were told they needed to “temporarily” transfer the property deed into a trust (in reality deeds were transferred to shell LLCs controlled by perpetrators); and 3) Victims were misled and pressured to file false bankruptcy or probate cases to prolong the scam. The AG is urging Arizonans to contact her office if they've been approached by strangers offering to buy their home or pressuring them to sign over their deed. In coverage of the news by Arizona's 3TV/CBS 5, the reporter said they would continue to report on the case in order to raise awareness of the key takeaway: If somebody knocks at your door and pressures you, and you're already in a precarious financial situation, slow everything down. Talk to a trusted real estate agent or attorney. Do not sign anything that you don't understand. Good advice, and a good case to watch.
Brush up on this. The FBI's Internet Crime Complaint Center (IC3) recently warned the public about a variation on the "brushing scam" in which criminals are sending unsolicited packages bearing QR codes. Scanning the codes prompts recipients to provide personal or financial information or to unwittingly download data-harvesting malware onto their phones. The FBI reminded consumers that the "brushing scam" is perpetrated by online vendors to increase their product ratings. Traditionally, online vendors send unsolicited merchandise to an unsuspecting recipient and then use the recipient's information to post their own positive review of the product. In the current variation, fraudsters have added QR codes to the packages to further facilitate the scheme. The packages often ship without sender information, to entice the victim to scan the QR code. Tips for staying safe include using caution before scanning QR codes in unsolicited communications or packages, and simply not scanning QR codes from unknown origins. The FBI also asks the public to report fraudulent or suspicious activities to the agency at IC3.gov. Great tips for avoiding too close of a brush with perpetrators of this scheme.
Imperfect future. In "The Dark Side of AI: Deepfakes" web article, the business digital security firm Passpack wrote about AI tactics cybercriminals are using to trick consumers. The article discusses some alarming capabilities of the technology and offers tips for staying safe. Passpack points out that cyberthieves' end goal has not changed: They want passwords, PINs, and credentials to access data systems that contain confidential information. "AI simply gives criminals the ability to make their scams more convincing," Passpack says. If you've been wondering just how much thieves can do with AI, Passpack clearly explains that criminals can master deepfake technology applications, "like Deepfake Studio or DeepFaceLab to create videos using another face and voice, and Faceswap or DeepFaceLive to face-swap or head-swap during live conference calls." The latest generative AI models, Passpack explains, can be equipped with text-to-video and text-to-audio capabilities. Criminals also use natural language processing (NLP) models to make written messages sound legitimate. Scary stuff. Passpack's tips for recognizing deepfakes include watching for 1) visual distortion (especially when the subject turns their head); 2) video interference, such as halo effects or other issues suggesting a fake background; 3) transparency issues that become apparent when, for example, the subject places their hand over their face (i.e., you can ask the speaker to touch their nose, to potentially reveal a swapped-out face); and 4) missing body parts and lip-synching issues (ask the speaker to stick out their tongue, suggests Passpack, since some deepfake apps can't render tongues or teeth accurately). Finally, this really is ironic advice that almost goes contrary to what's often said about watching for suspicious typos: Passpack warns that "in written deepfake communications you won’t find any typos, inconsistencies, rambling thoughts, run-on sentences, or anything that indicates a human wrote it. If it’s too perfect, it’s probably a deepfake." Makes you think of Goldilocks: The message can't be too perfect, or too imperfect— it's got to be just right.
Tell us how we're doing!
We'd love your feedback on how we've been doing and which of our services have been most important to you. Please fill out our (very) brief three-question survey here!
