Festival Lineup Email Scam UK: How to Spot Fake Ticket Offers
Fake festival lineup emails are flooding inboxes—but you can spot them if you know what to look for.
What is this scam?
Festival lineup email scams target UK music fans by impersonating major UK festivals. Scammers send emails claiming to announce the official lineup or offering exclusive presale access to tickets. The emails look authentic, often copying logos, fonts, and language from real festival communications. They either direct you to a fake website designed to steal your payment card details, or ask you to click a link that installs malware on your device. Some scams claim you've won a free ticket or early access, which creates urgency and excitement that overrides your normal caution.
Popular UK festivals targeted include Glastonbury, Reading and Leeds, Latitude, Download, Wireless, and summer bank holiday events. The scammers profit by stealing your card details, selling your personal information to identity thieves, or both. Unlike legitimate presale announcements which go through official festival channels, these emails arrive unexpectedly and often contain subtle but telltale errors.
Warning signs to look for
- The sender's email address doesn't match the festival's official domain—check for slight misspellings like 'glastonburry.com' or 'readingfestival-uk.co.uk' instead of the real address
- You weren't subscribed to the festival's mailing list but received the email anyway
- The email uses generic greetings like 'Dear Music Fan' instead of your name, or addresses you as 'Valued Customer'
- Urgent language like 'Limited time offer' or 'This lineup drops in 2 hours' pushes you to act without thinking
- The link in the email goes to a shortened URL (bit.ly, tinyurl) or looks nothing like the official festival website
- Grammar or spelling mistakes appear in official-looking text—real festival teams proofread carefully
- The email asks you to 'confirm your account' or 'verify your details' by clicking a link and entering payment information
- The design looks close to the real festival site but is slightly off—colours wrong, logo stretched, layout awkward
How this scam works step by step
The scam begins when you receive an email purporting to be from a major UK festival. The subject line is crafted to create excitement: '2024 Lineup Revealed' or 'Exclusive Presale Access for You'. The email contains the festival's logo (stolen from their real website) and professional-looking formatting to build trust. You click on a link labeled 'View Full Lineup' or 'Claim Your Presale Access'. This takes you to a fake website that closely mimics the real festival site. The page asks you to log in or enter your details to 'access the lineup' or 'book presale tickets'.
You enter your email address, password, phone number, and payment card details. Alternatively, the link might download malware disguised as a PDF lineup poster. Once you submit your information, scammers have your payment card details and can make fraudulent purchases immediately. They also have your email and password, which they use to access other accounts (if you reuse passwords). Your personal data is sold to identity theft gangs. You won't realise until your bank alerts you to suspicious transactions or your email account is compromised.
How to verify if it is genuine
First, never click any link in an unexpected festival email. Instead, go directly to the festival's official website by typing the URL into your browser—don't use any link from the email. Once on the real site, check the 'News' or 'Announcements' section to see if a genuine lineup announcement has been posted. Real festivals always announce lineups through their official social media accounts (Instagram, Twitter, TikTok) at the same time as email. Search Twitter for the festival name plus 'lineup'—if it's real, you'll see thousands of posts from real fans reacting.
Check the festival's official email address by looking at previous legitimate emails you may have received, or call their box office number directly. Legitimate presale details always come with a clear date, time, and direct link to the official ticketing platform (Ticketmaster, See Tickets, festival website). Be suspicious of any email offering presale access without a clear timeline. For more help checking if a website is genuine, see our full guide on identifying scam websites.
What to do if you have already interacted
If you clicked a link but didn't enter any information, your risk is lower but not zero. Delete the email immediately and run a malware scan on your device using free software like Malwarebytes. If you entered your email address only, change your password for that email account immediately—use a strong, unique password. If you entered your payment card details, contact your bank right away using the number on the back of your card, not any number in the email. Your bank can cancel the card and issue a replacement within 5-10 working days.
Monitor your bank statements and credit report for fraudulent activity over the next 3 months. If you entered personal information like your full name, address, and date of birth, consider registering with Cifas (the fraud prevention service) to get alerts if someone tries to open accounts in your name. File a report with Action Fraud as soon as possible—this creates an official record. If malware was installed, consider taking your device to a professional repair service for thorough cleaning.
Reporting this scam in the UK
Report the phishing email to the NCSC Suspicious Email Reporting Service by forwarding it to report@phishing.gov.uk—don't alter the email, just forward it as-is. You can also report it to Action Fraud by calling 0300 123 2040 or online at actionfraud.police.uk. Provide as much detail as possible: the sender's email address, the time you received it, the URL the email linked to, and what information you entered. If you lost money, report it to your bank immediately and request a chargeback. Your bank may be able to recover funds if you act quickly.
Report the fraudulent website to the festival's real social media accounts and official email—they take impersonation seriously and can request the fake site be taken down. Report the email to your email provider (Gmail, Outlook, Yahoo) by marking it as phishing. If you received the scam email at work, tell your IT department immediately. Call Citizens Advice consumer helpline on 0808 223 1133 if you need support understanding your rights or next steps—they offer free, confidential guidance to UK residents.
Frequently asked questions
Is the festival itself a scam, or just the email?
The festival is real—it's the email that's fake. Scammers impersonate legitimate, well-known festivals like Glastonbury and Reading to make their emails look trustworthy. The real festival has no involvement with the scam. This is why you should always verify announcements directly on the festival's official website or social media.
I already paid for tickets on the fake website. Can I get my money back?
Contact your bank immediately and tell them you've been scammed. If you paid by debit card, your bank may be able to stop the payment or recover funds if you report it within a few days. Credit card purchases are easier to dispute. Your bank will investigate and may reverse the charge. Report the fraud to Action Fraud as well—this helps police track scammers. Sadly, once money goes to a scammer's account, recovery is difficult, but acting fast improves your chances.
Why do these scams use festival lineups specifically?
Lineups generate genuine excitement and urgency—fans want to know who's playing immediately. When a major festival announces a lineup, people act fast without thinking carefully. Scammers exploit this by creating fake announcements that mimic real ones, knowing you'll be eager to click. Using 'presale access' is particularly clever because real festivals do offer early ticket sales to subscribers, making the fake emails seem plausible.
How do I report a fake festival email I received?
Forward the full email (including headers) to the NCSC at report@phishing.gov.uk. Report it to Action Fraud at actionfraud.police.uk or call 0300 123 2040. Mark it as phishing in your email provider (Gmail, Outlook, Yahoo). Tell the real festival's official social media accounts about the scam. The more reports they receive, the faster authorities can take action against the scammers' websites and email accounts.