Bots — automated programs that can complete tasks online exponentially faster than us poor meatbags — have been a plague on concert ticket-buying audiences for decades.

A single bot can buy a thousand or more tickets in less than 60 seconds. There are examples of a few bots hoovering up 15,000 tickets in a single day. When a hot show goes on sale, it is estimated that at least 40 percent of the traffic to the ticket site is bots. In some cases this number was as high as 96 percent.

Thousands of these things are online, rushing you out of the queue, grabbing tickets, and then immediately sending them to reseller sites at huge markups. You can get “a maximum of four tickets per person” in less time than it takes to enter your credit card information.

How do they work? The speed of the bot attack and the volume of bots overwhelm the system and surpass humans once sales start in the nanosecond range.

A specialized bot creates hundreds or even thousands of accounts on, say, Ticketmaster, or somehow manages to take over existing accounts by guessing passwords or cracking credentials. While everyone is waiting for tickets to go on sale, the buying bot (bots in the plural; there is never just one) simulates many people lining up to buy.

When the sale begins, the purchasing process is completed using a script. Programs known as “expediting bots” can open 100 purchase windows at once and proceed directly to checkout. Others simply put tickets in a shopping cart, making them unavailable to everyone else. The tickets remain there until they can be purchased and then passed on to a resale location. This tactic is called “denying inventory.”

Some people use credit card fraud when purchasing. Others get around the “X tickets per person” rule. Bots are operated by ticket resellers, foodservice establishments, and large corporations that want to secure seats for customers. Others are part of a criminal enterprise. And quite a few are run by individuals. A quick Google search will bring up websites that will sell you a ticket buying bot for $300 to $900. I’ve even found some that charge less than $100. Other websites will tell you how to create your own building.

Who is responsible for this scourge? Looking back in history, it involves a former insurance salesman from Arizona named Ken Lowson, a ticket salesman who found a teenage programming genius in Bulgaria in 2001. Together, they developed an automated concert ticket purchasing program that they continually refined to make it faster and more ruthless when it came to purchasing tickets.

His company, ironically named Wiseguy, made tens of millions of dollars selling tickets between 2001 and 2010. Lowson claims that at one point in the 2000s his company dominated “90 percent of ticket sales” in the United States

Initially using just four computers, Wiseguy began using autofill scripts, which meant staff didn’t have to type the same boring things over and over again, giving them a speed advantage over individual fans. From then on, the programs became more sophisticated and evolved to the point where little human intervention was required. Each new bot was assigned a “power” ranking. For example, a “500 Power” bot was equivalent to 500 people buying tickets. It didn’t take long for Lowson’s crew to hoover up 20,000 tickets in two minutes.

Trending now

• No-Pants-Tube-Ride wants to put a smile on the faces of Londoners in the middle of a bleak winter

• Armed with a garden hose, a Los Angeles resident saves his home from a forest fire

Timing and speed improved by milliseconds. At one point, Wiseguy had 30 servers across the US ready to pounce on tickets as soon as they went on sale. Some sold them through their own channels and others sold tickets to ticket brokers.

His greatest success came during U2’s Vertigo tour, when Wiseguy stole thousands of tickets intended for the band’s official fan club. He used a few credit cards to buy $200,000 worth of special codes for fan club members. Lowson’s overall assessment? Just over $2.3 million. U2 ended up in a lot of trouble because of the lack of security to protect these valuable codes.

Wiseguy was raided by the FBI in 2009 and forced out of business. 42 charges of hacking and fraud were filed against Lowson. A deal kept him from going to prison. The last I heard, he ran a company that helps fans defeat the bots.

Yes, bots are officially illegal in many countries. And yes, Ticketmaster and other major sellers are doing their best to combat bots. But the technology is improving so quickly and the tactics are so devious that it has become an endless game of whack-a-mole.

Ticketmaster has to deal with billions of bot attacks every year. Remember the Taylor Swift Eras ticket fiasco in November 2022? According to my sources, three billion bot attempts were rejected that day. Who knows how many made it?

Many operators have moved to areas beyond the reach of governments in Canada, the US, the UK and Australia – all areas where anti-bot laws are in force or currently being proposed. Today, bot operators work in places where there is little control, including Eastern Europe, Gibraltar, Panama and even the Isle of Man in the United Kingdom. Identities are masked with proxy IP addresses and VPNs.

There are now tech sweatshops in countries like India where dozens of people enter characters into CAPTCHA (things designed to ensure your humanity) fields to crack the code for bots.

Discouraging, isn’t it? I wish I had good news or a way around this nastiness, but I don’t. The best I can offer is to join your favorite artist’s fan club and hope your code doesn’t get stolen by someone like Ken Lowson.

&Copy 2025 Global News, a division of Corus Entertainment Inc.