A seemingly authentic **World Cup** ticket, complete with a QR code and professional branding, could be your gateway to a sophisticated scam. The traditional red flags of online fraud—suspicious email addresses, grammatical errors, or obvious typos—are rapidly disappearing, replaced by AI-generated content that blurs the line between legitimate and malicious. With the United States, Canada, and Mexico co-hosting 104 matches across 16 cities, this historic **World Cup** presents an unparalleled opportunity for cybercriminals. Between January and May 2026, over 13,000 FIFA-themed domains were registered. By early May, roughly one in 41 had already been flagged as suspicious or malicious, even before a single match was played, according to **Tarek Jammoul**, regional managing director at cybersecurity firm **TrendAI**. **FIFA** estimates that over 6 million fans will fill stadiums, with more than 150 million tickets requested within the first 15 days of sales. This makes the tournament approximately 30 times oversubscribed, creating fertile ground for scammers. “The World Cup is the perfect opportunity for scammers—you couldn’t create a better one,” says **David Holtzman**, chief strategy officer at **Naoris Protocol**, a cybersecurity and blockchain company. “This is soccer. It feels fun and harmless, which lowers people’s defenses.” Phishing remains the most prevalent online scam, with spear phishing, a more targeted variant, posing an even greater threat. Attackers now leverage information from search engines, social media, and other online sources to craft highly personalized and convincing messages. The scale of these operations is immense. Research by cybersecurity firm **Group-IB** identified over 4,300 fraudulent domains impersonating **FIFA**'s official web presence, alongside six parallel fraud schemes and four independent threat actors operating ahead of the tournament. Common scams include fake ticket sales, fraudulent immigration or visa-related services, and misleading accommodation offers. Fans are also warned to look out for counterfeit merchandise and websites impersonating official tournament branding. “When we supported the **Qatar Supreme Committee for Delivery & Legacy (SCDL2022)** at the 2022 FIFA World Cup, the threats we helped identify were serious but still relatively recognizable—fake ticketing pages, survey scams offering free mobile data, and a malicious Android app promising live broadcasts, among others,” says **TrendAI**'s Jammoul. While the core scam types haven't dramatically changed, the underlying technology has. “At **Qatar 2022**, we saw fake streaming domains, data-bait survey scams, and crypto schemes using footballers’ likenesses. Those same categories are staging again now, only larger and more AI-polished,” Jammoul explains. ## The Scammers Are Using AI Too “There’s been an astronomical increase in scams over the past two years, and AI is a big reason why,” says Holtzman. Experts note that AI isn't inventing entirely new attack methods; instead, it's significantly enhancing attackers' efficiency. By generating highly personalized, professional-looking emails at massive scale and helping attackers create convincing fake websites, AI is dramatically expanding the threat landscape. This allows criminals to launch more sophisticated and widespread campaigns with less effort. Conversely, AI is also emerging as a powerful defensive tool for the cybersecurity industry. By analyzing vast amounts of data and detecting unusual patterns, it can help identify suspicious domains and anticipate emerging threats. However, technology alone may not be sufficient. Companies are increasingly relying on collaboration between platforms, cybersecurity firms, and law enforcement to track potential threats. **Meta**, for example, has engaged in initiatives such as the **Global Signal Exchange (GSE)** and **Fraud Intelligence Reciprocal Exchange (FIRE)** to identify and disrupt coordinated scams targeting users.