Unless you’ve been living under a rock recently, there’s a high chance that you’ve heard about the disaster that was Fyre Festival. The 2017 Festival has made headlines and shook almost all social media for weeks, after our favourite streaming apps, Netflix and Hulu, released competing documentaries about it. Now, this isn’t just a post to rant about the unorganised mess of Fyre showcasing everything that went wrong. No. We’re looking into the behaviour, of well, all of us online when it comes to influencers, advertisements and most importantly; cybersecurity.

You may be thinking, how the hell does cybersecurity link in with Fyre? It was just a poorly organised festival, right? Well with that being true, the co-founder of the festival, Billy Mcfarland, and his influencers have done some damage with online laws. 

Influencers and the FTC

McFarland and Ja Rule knew what they were doing when they spent almost all their budget on marketing. They wanted a quick response on a huge scale. Who better than the worlds top models to be promoting your event? Kendall Jenner was reportedly paid $250,000 for posting one orange tile on her Instagram, telling her fans to buy tickets.  Millions were spent on marketing and it seemed to have worked creating a huge buzz. However, tickets sold slow resulting in them being discounted questioning if influencer marketing was even worth it. 

Another issue raised was that only one out of the 40-odd models labelled their post as an ad; a requirement by the Federal Trade Commission. This has resulted in all the other models being the subject of a class-action lawsuit.

“These ‘sponsored posts’ were in direct violation of Federal Trade Commission guidelines on disclosing material connections between advertisers and endorsers. Social Media ‘influencers’ made no attempt to disclose to consumers that they were being compensated for promoting the Fyre Festival. Instead, these influencers gave the impression that the guest list was full of the Social Elite and other celebrities.”

This can remind us of all the warnings we get around big promotion days like Black Friday or Boxing Day. We’re told that some things online are just too good to be true or you’ll get scammed. Why would Fyre Fest be like that when the worlds biggest influencers are backing it? Well, the fact is they had no idea what they were endorsing.

Phishing

The most important piece, I found, after Fyre was McFarland’s next project. The Netflix documentary shows masses of emails being sent to the thousands of attendees of the festival. These emails promoted VIP tickets from Taylor Swift meet and greets to attending the Met Gala. The list of discounted VIP opportunities being sent from the Fyre Fest mailing list went on and on. However, all of these offers were lies and could easily be debunked over a quick google search. 

Phishing emails are extremely common and are now one of the most popular cyberattacks used and abused, with more than 90 percent of all successful cybersecurity attacks begin with email phishing. Although not abnormal for the public to receive phishing emails, it was unusual to see only people who purchased a ticket being targeted. Unless of course there was an insider behind the whole scam. 

McFarland was charged with wire fraud and money laundering in connection with the fake ticket scheme, which defrauded at least 15 customers out of about $100,000. This was after being released on bail for already pleading guilty in March to two counts of wire fraud for defrauding Fyre Festival investors and ticket vendors of about $26 million. 

The Bigger Picture

The bigger picture of McFarland’s ticket-fraud shows that phishing attacks are done by much more than just a hacker behind a computer. A cybercriminal can have many connotations but you typically wouldn’t be quick to point your finger at the big business entrepreneur. 

Also, according to the recent changes in GDPR, a person should consent to be on a mailing list. McFarland took his previous Fyre mailing list and used it as a target for his next scam. Although these people targeted may have subscribed to Fyre Festival’s mailing list, they did not consent to receive emails from a completely different company. McFarland stayed hidden as the face of this company he had created to avoid any indication that the scam was his. This could’ve put those involved in even more hot water.

However, this regulation only applies to the EU, so Mcfarland has been lucky to avoid a hefty fine and potential further prison sentence. 

Scams are getting a lot harder to spot and an email scam doesn’t consist of a message saying “OMG what are you doing in this picture! :/” or “Hey [your name]” anymore. Phishers are becoming smarter and more tactical and it wouldn’t be the worst thing to assume that they’re closer than you think. McFarlands email-scam is the biggest indication that phishing is growing; it’s not going to go away anytime soon. (Neither is THAT sandwich photo)Do you need advice on how to protect yourself online? Or would you like to look into a secure network, server, or service?  Contact us here at Cloudserve.