A report from Kaspersky highlights the risks of being caught out by fraudsters cashing in on major sporting events
Wherever there is the potential to make a fast buck, scammers will be lurking – and that includes major sporting events.
Canada was knocked out of soccer’s World Cup over the weekend, its first appearance in more than 30 years, but for many sports fans the tournament will have cost them more than disappointment.
Global cybersecurity and digital security firm Kaspersky has identified the top five scams relating to the soccer tournament, which should serve as a warning during the remainder of this year’s event and ahead of Canada’s co-hosting duties in 2026.
The scams are not exclusive to the World Cup either and are likely to be in play for other major events.
“With this World Cup, scammers got very creative, as we have observed a variety of fraudulent schemes employed,” said Olga Svistunova, security expert at Kaspersky. “We see how they are trying to benefit most from the situation and exploit as many trendy topics as possible, including a growing number of NFT scams related to the World Cup. At the same time, there are many so-called traditional scams out there from giveaways and fake tickets to merch stores.”
Top 5 scams
Firstly, ticketing scams such as phishing, with fans tricked into clicking links to fraudulent sites that take personal and financial data. With the 2022 tournament only offering digital tickets, the risk of ending up on a fake site is elevated.
Phishing is also used in the second top 5 scam where eager fans are lured to fake competition sites where the prize is two World Cup tickets. Of course, there’s a catch: those that ‘win’ must pay a delivery fee for their tickets. Everyone is told they are successful, but only the scammers win!
Fake sites claiming to sell official merchandise are the third biggest scam related to World Cup 2022.
Cryptos and NFTs
The popularity of non-fungible tokens (NFTs), with sports stars among the biggest issuers, is also a risk.
Scams include contests to win NFTs with consumers asked to provide details of their digital wallets so that their prize can be transferred directly. In doing so, they open the door to their savings and wallet data.
Cryptocurrency investment frauds are another digital risk, with real coins generated with the promise of strong returns for investors. While the chance to own a World Cup related crypto may be attractive to some, the promised returns frequently fail to materialize.
The final scam involves accommodation and flights, with sites that generally look professional but often contain bad spelling and limited functionality recording financial data for fake bookings.
Protecting against scams
Kaspersky recommends several safeguards against sporting scams:
- Check a link before clicking. Hover over it to preview the URL and look for misspellings or other irregularities.
- It’s better not to follow links from e-mails at all. Instead, you can open a new tab or window and enter the URL of your bank or other destination manually.
- Consider what kind of information is being requested. Legitimate companies don’t contact you out of the blue via unsolicited emails to ask you for personal information such as banking or credit card details, social security number etc. In general, unsolicited messages telling you to “verify account details” or “update your account information” should be treated with caution.
- Use a reliable security solution that identifies malicious attachments and blocks phishing sites.
- Grammar and spelling check is the effective way to identify a scammer. Typos and bad grammar are red flags. So too are odd phrasing or unusual syntax, which might result from the email being translated back and forth through a translator several times.
