Fans attending the ongoing FIFA World Cup 2026 face growing risks from online scams, fake ticketing platforms and AI-powered fraud schemes, according to a report released on Thursday.
The report by ACI Worldwide found that fraudulent orders averaged $405 during the pre-tournament build-up, nearly 1.5 times the average legitimate transaction value of $270. The company said average fraudulent transaction values could once again approach the $400 mark during the World Cup.
An analysis of 24.5 million transactions across 61 live-event merchants serving global audiences showed that fraud risks remain elevated during the tournament.
Fraudsters are increasingly focusing on higher-value purchases, with fraud pressure expected to remain high through the opening stages of the tournament, being hosted by the United States, Canada and Mexico.
The rise in fraudulent activity has been accompanied by a sharp increase in fake websites. Silent Push, a US-based threat intelligence firm, has identified more than 300 pixel-perfect replica ticketing websites designed to deceive fans.
Check Point Research, the research arm of cybersecurity company Check Point Software, recorded 9,741 fraudulent World Cup-related domains registered in April 2026 alone.
Cybersecurity firms and law enforcement agencies have warned that scammers are increasingly using automation and artificial intelligence to scale their operations. Fortinet counted more than 13,000 tournament-themed domains registered between January and May 2026.
The report also highlighted the growing use of alternative payment methods (APMs), which recorded an attempted fraud rate of just 0.57 per cent compared with 3.97 per cent for traditional card payments — a sevenfold difference.
APM adoption has climbed from 7 per cent of transactions in 2022 to 24.8 per cent year-to-date in 2026.
During the pre-tournament period, domestic cards recorded an attempted fraud rate of 3.2 per cent, compared with 1.4 per cent for cross-border cards, reflecting fraudsters’ preference for locally issued credentials.
[IANS]
