The 2026 World Cup officially kicked off on June 11, 2026. Along with the heat of the tournament, the number of bad actors taking advantage of the excitement of fans has also increased significantly. Kaspersky has recorded at least 336 separate domain names created to impersonate official World Cup information sources. In addition, cybercriminals are also increasingly taking advantage of the increasing demand for users to watch live matches and participate in sports betting.
Fake broadcasting tricks
Right from the start of the tournament, millions of fans around the world watched live matches on TV and many other devices. In parallel, fraudsters set up a series of websites advertising the service of "watching online" World Cup matches.
This trick works as follows: Thieves create fake websites claiming to provide free access to World Cup broadcasts. After pressing the "Watch now" button, users are asked to register an account to continue accessing the content.
Next, they will be asked to pay in cryptocurrencies to buy a "lifetime access to the tournament" package. The risk of this form of fraud is not only in the loss of paid cryptocurrencies but also in the possibility that user registration information is stolen and used for bad purposes.
Betting trap
Another trick aimed at football fans is through fake betting and match result prediction platforms. For example, Kaspersky discovered a Spanish-language website that requires users to provide a series of personal information to create accounts such as full name, email address, phone number and many other data.
This can lead to the risk of theft of login information, while potentially causing financial damage, and more seriously if users use the same password for many different services.
A similar variant also targets Portuguese-speaking users. The scam website displays the schedule of upcoming matches and asks users to provide their full name, email and other personal information to participate in betting.
Trap mailbox
Another recorded attack scenario is through emails enticing users to transfer money or click on fake links (phishing). In one case, football fans receive emails advertising match analysis services and predicting match results at the World Cup.
A notable sign is that these emails often create a sense of urgency, urging recipients to act immediately. This is a familiar trick often used in online scam campaigns.
Advice
Faced with the above threats, to limit the risk of becoming a victim, Kaspersky recommends users:
- Check the authenticity of the website before entering any personal information. Carefully review the URL address and how to write the organization name to detect signs of forgery.
- Only use official and reputable broadcasting platforms to protect personal data from the risk of being stolen or used for bad purposes.
- Use reliable security solutions capable of identifying malicious attachments and blocking fraudulent links.
- Activate multiple-factor authentication (MFA) and regularly monitor your account. Turn on two-factor authentication (2FA) for digital identification accounts, financial applications and check transaction history periodically to promptly detect unusual or illegal activities.
