Ticketmaster systems exploited for phishing campaign

TL;DR - Phishing campaign is using a Ticketmaster domain for obfuscation. I don't know if this an exploit, but I can't report it to Ticketmaster because they don't have a contact center.

One of the things I monitor is user reported phishing emails. One such was a M365 "Account password expiring" phish that we've all seen a million times. The link is interesting though becuase it's a real Ticketmaster subdomain that appears to be used for their marketing. It has …

account campaign center cybersecurity domain don emails exploit exploited link m365 marketing monitor obfuscated obfuscation password phish phishing phishing campaign phishing emails report subdomain systems things ticketmaster