The 2026 World Cup ticket trap. The method by which supporters' bank details are extracted by clone sites
As interest in the FIFA World Cup 2026 grows, cyber security experts warn that the number of online fraud attempts is also multiplying rapidly: cybercriminals are taking advantage of the excitement of fans who are already planning their holidays for the tournament to be held in the United States, Canada and Mexico.
Scammers are taking advantage of travelers' interest in the 2026 World Cup
Thousands of fans are already buying plane tickets, booking hotels and searching for match tickets, and this intense activity has become an ideal opportunity for phishing networks and online scams. According to the security company, attackers use fake websites, non-existent offers and emails impersonating well-known companies to steal money and personal data.
Fake sites and non-existent “prizes”.
At the end of April 2026, cybersecurity specialists identified a phishing campaign that used the image of a popular transportation app to target users in Mexico. On a fake website, made in Spanish and almost identical to the original platform, users were invited to enter their phone number and password to “claim special prizes” dedicated to World Cup fans.
Example of a fraudulent website imitating a popular service
In reality, the attackers' goal was to steal authentication data. Once the information was entered, victims' accounts could be compromised, and their bank or personal data later exploited in other frauds.
Experts warn that such campaigns are becoming increasingly sophisticated, as criminals perfectly copy the visual identity of well-known brands, including official logos, colors and graphics.
Cheap tickets and holidays that don't exist
Another method used by scammers involves promoting fake offers for transport and accommodation. According to Kaspersky Digital Footprint Intelligence, ads have already appeared on obscure forums and dark web platforms promising plane tickets, hotel reservations or access to matches at prices up to 20% lower than the official ones.
Example of an ad for darknet services exploiting interest in the World Cup
Experts say these “promotions” are created specifically to take advantage of the pressure and rush of fans to find available seats before they sell out. In many cases, victims pay for services that never exist, and recovery of money is almost impossible.
The risk is even greater in the case of payments made through methods that are difficult to trace, such as cryptocurrencies or direct transfers between people.
Homeowners and tourism companies, targets of hackers
Scammers are not only targeting supporters, but also entrepreneurs in the tourism industry. Landlords offering short-term accommodation in competition host cities have become an important target for phishing attempts.
Wave of cyber threats: 500,000 dangerous files detected daily in 2025. How to protect yourself
Example of a fraudulent website imitating a popular service
Cyber security specialists identified fake sites imitating well-known booking platforms and asking for owners' credentials. Once accounts are compromised, attackers can alter payment data, post fake ads, or fraudulently withdraw money.
Example of blocked fraudulent email
In parallel, companies also receive emails claiming to come from airline operators or commercial partners involved in the organization of the tournament. In those messages, scammers propose fictitious partnerships, contracts or collaborations for tourism and logistics services.
To appear credible, they submit forged documents, including supplier registration forms, contracts and confidentiality agreements. In some cases, the ultimate goal is to steal banking data or infect company systems with malware.
How users can protect themselves
Experts recommend carefully checking all sites before entering personal or banking information. Users should carefully review the URL, any spelling mistakes, and page design.
Also, the purchase of tickets and reservations should be made exclusively through official platforms or authorized partners.
Among the most important protective measures are:
- enable two-step authentication (2FA);
- using different passwords for each account;
- monitoring bank transactions;
- avoiding “too good to be true” offers;
- installing a modern cyber security solution.
Experts say its anti-phishing solutions based on artificial intelligence are constantly updated to detect new types of online fraud, including those that exploit major sporting events.
How cars can be stolen using on-board computers. Warning from cyber security experts
Global events, fertile ground for online fraud
Cyber security specialists point out that major sports competitions, concerts or international festivals constantly generate waves of online scams. The huge public interest, combined with the rush to get tickets or accommodation, creates ideal conditions for attackers.
In recent years, similar frauds have also been seen around events such as UEFA Euro 2024, Paris 2024 Olympic Games or major international concerts, where thousands of users have been tricked by fake tickets, clone websites and fraudulent apps.
