AI-powered scams target 2026 World Cup fans at scale

Key Takeaways

• More than 13,000 FIFA-themed domains were registered between January and May 2026, with roughly 1 in 41 already flagged as suspicious before the tournament started
• AI-generated phishing campaigns now lack the grammar errors and broken English that once made scams easy to spot
• Security researchers identified over 4,300 fraudulent domains impersonating FIFA's official presence, operated by at least four independent threat actors

The 2026 FIFA World Cup has become a hunting ground for cybercriminals, and the usual defenses are failing. More than 13,000 FIFA-themed domains were registered between January and May 2026. By early May, roughly 1 in 41 had already been flagged as suspicious or malicious, according to Tarek Jammoul, regional managing director at cybersecurity firm TrendAI. That's before a single match was played.

The scams haven't changed much in form. Fake ticket sales, fraudulent visa services, counterfeit merchandise, and misleading accommodation offers remain the standard playbook. What's different is how polished they've become. AI-generated websites, deepfake videos, fabricated audio, and convincing phishing campaigns now make it trivially easy for criminals to impersonate legitimate organizations.

Why this World Cup is uniquely vulnerable

The numbers tell the story. This is the largest World Cup in history: 104 matches across 16 cities in the United States, Canada, and Mexico. FIFA estimates more than 6 million fans will fill stadiums. Over 150 million ticket requests came in during the first 15 days of sales, making this edition approximately 30 times oversubscribed compared to previous tournaments.

High demand plus limited supply equals desperation. And desperate buyers make easy marks.

"The World Cup is the perfect opportunity for scammers—you couldn't create a better one," says David Holtzman, chief strategy officer at Naoris Protocol, a cybersecurity and blockchain company. "This is soccer. It feels fun and harmless, which lowers people's defenses."

How AI changed the game for attackers

For years, spotting a scam was relatively simple. A suspicious email address, broken English, an obvious typo. Those red flags are vanishing. Generative AI tools can now produce flawless copy in any language, complete with professional branding and convincing confirmation emails.

"There's been an astronomical increase in scams over the past two years, and AI is a big reason why," says Holtzman. AI isn't inventing new attack methods. It's making existing methods dramatically more efficient and harder to detect.

Research from cybersecurity firm Group-IB identified more than 4,300 fraudulent domains impersonating FIFA's official web presence. They also found six parallel fraud schemes and four independent threat actors operating ahead of the tournament. That's an organized, industrial-scale operation.

Jammoul, who supported the Qatar Supreme Committee at the 2022 World Cup, says the threats then were "serious but still relatively recognizable—fake ticketing pages, survey scams offering free mobile data, and a malicious Android app promising live broadcasts." Today those same categories are staging again, "only larger and more AI-polished."

Defenders are using AI too, but it's not enough

The same technology powering scams is now deployed defensively. AI can analyze vast amounts of data, detect unusual patterns, identify suspicious domains, and anticipate emerging threats. Cybersecurity companies increasingly rely on machine learning to match the speed and scale of attackers.

"We can predict what future attacks may look like by using the same technology attackers are using—but for defense," says Kristopher Russo, a principal threat researcher at Palo Alto Networks' cybersecurity wing, Unit 42.

But technology alone isn't solving the problem. Companies are turning to cross-platform collaboration. Meta says it has worked through initiatives like the Global Signal Exchange and Fraud Intelligence Reciprocal Exchange to identify and disrupt coordinated scams. Through collaboration with Visa, Meta helped identify and take action against a network on Facebook using spoofed branding to collect personal and financial information.

"Through collaboration with Visa via the GSE, we helped identify and take action against a network on Facebook that was using spoofed branding and promoting fake offers designed to mislead people into sharing personal or financial information," says Basma Ammari, director of public policy MENA at Meta.

What fans should actually watch for

The old advice still applies, even if the tells are harder to spot. Be suspicious of any ticket offer that doesn't come through official FIFA channels. Verify domain names character by character. Ignore urgency cues like "last chance" or "only 2 tickets left." Assume any unsolicited email about World Cup tickets, visas, or accommodations is a scam until proven otherwise.

The newer advice: don't trust production quality as a signal of legitimacy. AI can now generate pixel-perfect fake websites and convincing deepfake endorsements. A professional-looking email means nothing.

• Only purchase tickets through FIFA's official website or authorized resellers
• Check domain names carefully for subtle misspellings or character substitutions
• Never share payment information through links in emails or social media messages
• Use credit cards with fraud protection rather than wire transfers or cryptocurrency
• Report suspicious sites to FIFA and local cybersecurity agencies

Frequently Asked Questions

How many fake FIFA domains have been registered for the 2026 World Cup?

More than 13,000 FIFA-themed domains were registered between January and May 2026. Of those, roughly 1 in 41 had already been identified as suspicious or malicious before the tournament began.

Why are World Cup scams harder to detect now?

AI tools enable scammers to generate professional-looking websites, emails without grammar errors, deepfake videos, and convincing audio at scale. The traditional red flags like broken English and obvious typos have largely disappeared.

What types of scams are targeting World Cup fans?

Common scams include fake ticket sales, fraudulent visa and immigration services, misleading accommodation offers, and counterfeit merchandise. Researchers identified over 4,300 domains impersonating FIFA's official presence.

How can I verify if a World Cup ticket is legitimate?

Purchase only through FIFA's official website or authorized resellers. Check domain names carefully for misspellings. Never buy tickets through links in unsolicited emails or social media messages.

Are cybersecurity companies using AI to fight these scams?

Yes. Companies like Palo Alto Networks are using AI to detect suspicious domains and predict future attacks. However, security experts say technology alone isn't enough and collaboration between platforms, cybersecurity firms, and law enforcement is essential.

Source: Feed: Artificial Intelligence Latest / Jumana Naim