Cybercriminals exploit Fifa World Cup fans with scams

Businesses along Roosevelt Avenue display flags, football shirts and banners ahead of the World Cup on June 9 in the Queens borough of New York City. AFP

Cybercriminals are using the Fifa World Cup to launch scams and steal credentials, warns FortiGuard Labs, the research arm of cybersecurity firm Fortinet.New research from FortiGuard Labs reveals cybercriminal infrastructure linked to this year's World Cup is already operational. The tournament runs from Thursday to July 19.

From January to May, more than 13,000 new World Cup-themed domains were registered.

Roughly 8.8% of these domains were identified as malicious or suspicious through pattern analysis and scam activity, noted the research, misusing Fifa branding and including terms related to ticketing, streaming services, betting platforms and hospitality.

Threat actors have created hundreds of fake websites that appear legitimate enough to earn fans' trust for a few critical seconds while they search for tickets, resale options, match streams, travel packages and official merchandise.