AI Fuels Sophisticated Scams Targeting 2026 World Cup Fans
Quick Look
- The 2026 FIFA World Cup presents a prime opportunity for cybercriminals, who are leveraging AI to create sophisticated scams.
- Fake tickets, fraudulent services, and phishing campaigns are becoming harder to detect due to AI-generated websites and deepfake technology, impacting millions of fans.
AI-generated summary
Why It Matters
The 2026 FIFA World Cup, cohosted by the US, Canada, and Mexico, is facing an unprecedented wave of AI-powered cybercrime targeting fans with sophisticated scams like fake ticket sales and phishing campaigns.
You got a World Cup ticket. It arrived in your inbox with a QR code, professional branding, and a confirmation email that looked like the real thing. Unfortunately, it wasn’t.
For years, spotting a scam was relatively simple. A suspicious email address, broken English, or an obvious typo were often enough to raise suspicion. But at the 2026 FIFA World Cup, those old warning signs are disappearing. AI-generated websites, deepfake videos, fabricated audio, and convincing phishing campaigns are making it easier than ever for criminals to impersonate legitimate organizations.
With the United States, Canada, and Mexico cohosting 104 matches across 16 cities, the largest World Cup in history has created an unprecedented opportunity for cybercriminals.
More than 13,000 FIFA-themed domains were registered between January and May 2026. By early May, roughly one in 41 had already been identified as suspicious or malicious—before a single match had been played, according to Tarek Jammoul, regional managing director at cybersecurity firm TrendAI.
FIFA estimates that more than 6 million fans will fill stadiums to watch the tournament. In fact, more than 150 million tickets were requested within the first 15 days of the sales window alone, making this edition approximately 30 times oversubscribed compared to previous tournaments.
“The World Cup is the perfect opportunity for scammers—you couldn’t create a better one,” says David Holtzman, chief strategy officer at Naoris Protocol, a cybersecurity and blockchain company. “This is soccer. It feels fun and harmless, which lowers people’s defenses.”
For more than a decade, phishing has emerged as the most prevalent type of online scams. Spear phishing—a more targeted form of phishing in which attackers use information gathered from search engines, social media, and other online sources to create more convincing messages—presents an even bigger threat for World Cup fans this year.
The scale of the operation is enormous. Research led by cybersecurity firm Group-IB identified more than 4,300 fraudulent domains impersonating FIFA’s official web presence, alongside six parallel fraud schemes and four independent threat actors operating ahead of the tournament.
Common scams include fake ticket sales, fraudulent immigration or visa-related services, and misleading accommodation offers. Fans are also warned to look out for counterfeit merchandise and websites impersonating official tournament branding.
“When we supported the Qatar Supreme Committee for Delivery & Legacy (SCDL2022) [at the 2022 FIFA World Cup], the threats we helped identify were serious but still relatively recognizable—fake ticketing pages, survey scams offering free mobile data, and a malicious Android app promising live broadcasts, among others,” says TrendAI's Jammoul.
The scams themselves have not changed dramatically. The difference is the technology behind them.
“At Qatar 2022, we saw fake streaming domains, data-bait survey scams, and crypto schemes using footballers’ likenesses. Those same categories are staging again now, only larger and more AI-polished,” Jammoul says.
The Scammers Are Using AI Too
“There’s been an astronomical increase in scams over the past two years, and AI is a big reason why,” says Holtzman, of Naoris Protocol. According to experts, AI isn’t inventing entirely new attack methods—it’s making attackers far more efficient than they were before.
By generating highly personalized, professional-looking emails at massive scale and helping attackers create convincing fake websites, AI is dramatically expanding the threat landscape.
At the same time, AI is also becoming one of the cybersecurity industry’s most powerful defensive tools. By analyzing vast amounts of data and detecting unusual patterns, it can help identify suspicious domains and anticipate emerging threats. But technology alone may not be enough.
Companies are increasingly relying on collaboration between platforms, cybersecurity firms, and law enforcement to track potential threats. Meta, for example, says it has worked through initiatives such as the Global Signal Exchange (GSE) and Fraud Intelligence Reciprocal Exchange (FIRE) to identify and disrupt coordinated scams targeting users.
Read More
Crypto-Funded Chinese Peptide Labs Are Booming
Plus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps NSA hackers, a decades-long GPS satellite mystery may have been solved, and more.
The FCC Wants to Kill Burner Phones
Plus: AI bug hunting fuels Microsoft’s biggest-ever Patch Tuesday, ShinyHunters ransomware gang exploits an Oracle zero-day, and more.
Redditors Are Using AI to Beat Obscene World Cup Ticket Prices
Soccer fans on r/WorldCup2026Tickets are using Claude to build DIY ticketing software, exchanging on back channels, and leaving scalpers scrambling.
The US Is Requiring Foreign Influencers to Get Work Visas for the 2026 World Cup
FIFA announced agreements with platforms such as TikTok and YouTube that include the participation of dozens of international influencers to generate content in the three host countries.
Soccer Fans, You’re Being Watched
From anti-drone tech to face recognition, 2026 World Cup stadiums in the US, Canada, and Mexico are subjecting fans to an array of surveillance tech. Here’s what you need to know.
Meta Copies Snapchat’s Homework Again With ‘Plus’ Features for Instagram and Facebook
Meta’s upcoming Instagram Plus and Facebook Plus subscriptions are the latest example of the company seeing what works elsewhere and mimicking it.
Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks
Customer data from more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking scams.
Americans Are Trading Billions of Dollars on Polymarket’s Banned Offshore Platform
It’s the first estimate of how many Americans are sneaking onto Polymarket’s banned crypto-based platform.
Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones
Code reviewed by WIRED uncovered an unreleased face-recognition system embedded in Meta’s smart glasses platform. It’s designed to identify people via biometric data stored on users’ phones.
Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps
The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance.
Websites Can Now Spy on You Through Your Hard Drive
Thanks to the newly detailed FROST technique, telltale SSD activity can be measured in the browser using simple JavaScript.
A Court Has Ruled That Google Is Liable for False Statements Generated by AI Overviews
The ruling holds that a company that designs, trains, operates, and manages an AI system must assume legal liability for any damages caused by the responses it generates.
What to Watch
AI outlook — possibilities, not facts
Scammers will increasingly use AI for personalized phishing and deepfake content.
Very likely · Within months
Increased collaboration between tech companies and law enforcement to combat AI-driven scams.
Likely · Within months
Open Questions
- Effectiveness of AI in defense against AI scams?
- Law enforcement's capacity to combat these threats?
- Fan awareness levels regarding new AI scams?






