Stay Safe: Top Tech Tip to Avoid World Cup Ticket Scams Online

Looking for a World Cup ticket? The buzz around the soccer tournament now under way across North America might inspire a last-minute search online, but fans should be wary of cyber scammers.

Experts and authorities warn that criminals will be deploying a range of tactics targeting soccer fans desperate to attend big-name matches at the event, which kicked off June 11. The World Cup runs until July 19, and the most important games are still to come.

With FIFA charging record ticket prices, some games are sold out, but plenty more have seats remaining.

Here are some pointers on how to avoid getting scammed:

Take your time to consider what you’re being offered

If you see a Facebook post offering last-minute tickets to a popular game at a good price, take a beat before handing over your money. Ask yourself if the offer is too good to be true.

As with many other types of scams, World Cup fraudsters will try to capitalize on surging demand to pressure people into paying for non-existent tickets.

Watch out for classic pressure phrases such as “lots of interest” or “I need to sell right now,” the Britain’s Home Office warned fans last month as part of an ongoing fraud awareness campaign.

“Scammers often use urgency to push you into making hasty decisions,” it said.

Be careful on social media because it’s rife with scams

Social media sites are a cesspit of soccer scammers.

The U.S. Federal Trade Commission warned fans in a March consumer alert that fraudsters use social media posts to funnel people to scam websites, where they advertise fake tickets or sell the same seat to many people.

Or, according to the British government, scammers might advertise a spare ticket on social media, then move the discussion to an encrypted messaging app like WhatsApp and push the buyer to transfer money to a bank account before blocking the victim and disappearing.

Meta Platforms announced two weeks ahead of the event’s kickoff that when Facebook users search for World Cup tickets, they will see pop-up notifications reminding them to buy tickets from verified sources and telling them how to report suspicious listings.

Experts say criminals are using artificial intelligence to create realistic messages, polished online storefronts and convincing fake endorsements and promotions.

“My advice: assume any World Cup deal that reached you through a social media ad or search result is suspect until proven otherwise,” said Chris Olson, CEO of digital safety company The Media Trust.

He said the World Cup is fueling a surge of “phishing attacks and cloaking schemes.”

In general, “AI-powered phishing campaigns are becoming more sophisticated, more targeted, and more difficult to detect. We’ve seen it all, from data harvesting to fake ticket sales,” Olson said

Watch out for copycat FIFA sites

To obtain World Cup tickets, fans should first go to the official FIFA website ticket for direct or secondhand sales. Resale tickets are also available on established third-party sites like StubHub and SeatGeek, though FIFA warns that buying outside official channels risks fake or invalid tickets, or inflated prices.

Another danger is copycat FIFA sites. The FBI warned in a public service announcement that scammers are creating spoof FIFA websites to trick people into providing personal details or sell fake tickets or hospitality packages.

The bureau listed three dozen spoof FIFA websites it’s aware of with URLs that appear at first glance to be authentic, such as fifa-online.com and fifa-ticket.live. Most have stopped working and some have been flagged as malware, but the FBI warned new ones would continue to appear.

The FBI outlined a number of precautions fans should take, such as typing fifa.com directly into your browser’s address bar instead of using a search engine. If you do resort to Google, avoid clicking on sponsored search results, which the agency said could be “paid imitators” trying to divert online traffic.

Avoid dodgy sites for streaming World Cup games

Many more fans won’t be able to make it to a game in person and will instead try to catch the action on TV.

But not all matches will be available on free broadcasts, and experts warn that scammers will try to tap demand by setting up dodgy streaming sites.

Cybercriminals typically set up copycat sites and promote them on Telegram, Facebook, Discord, Reddit and other online forums, according to a report by Assaf Morag, a researcher at cybersecurity company Flare.

Based on experience from previous major sporting events, illegal streams will pop up right before a game kickoff. Crooks then deploy myriad methods, including showing viewers scam ads and fake software updates, harvesting their data, or earning commissions by sending them to gambling or adult content sites.

“Nearly 40% of users who access illegal streams experience direct financial losses due to scams, fraud, or compromised payment information,” Morag said. “The trap is incredibly easy to fall into. You click a ‘Play’ button, and the site immediately forces your browser through multiple hidden layers of tracking, pop-ups, and advertising infrastructure explicitly designed to hide malicious software — all while the match never actually loads.”

___

Is there a tech topic that you think needs explaining? Write to us at [email protected] with your suggestions for future editions of One Tech Tip.