Australians planning to attend the FIFA World Cup in North America next year are being warned to watch for ticketing and related scams that typically surge around major sporting events, according to an article by Geoff Schomburgk, vice president for Asia Pacific & Japan at Yubico.
Schomburgk says cybercriminals are increasingly using fake resale listings, phishing emails and counterfeit offers for accommodation, transport and merchandise to exploit demand and urgency among fans. He argues that the realism of scams has increased, including the use of AI-generated content designed to mimic official communications.
The article frames the issue as part of a broader shift in cybercrime tactics from “hacking systems” to taking over accounts using stolen credentials, and points to password-based logins as a continuing weakness on many ticketing platforms.
Schomburgk says the safest way to reduce the risk of ticket fraud is to use official channels. He notes FIFA has stated its ticketing website is the only direct seller of tickets and that secondary transactions should be conducted through official resale or exchange mechanisms.
He warns that buying tickets through social media and third-party marketplaces can bypass verification processes and increase the likelihood of receiving duplicated or invalid tickets. The article also advises fans to avoid buying tickets offered as PDFs or QR codes shared through messaging apps, describing these as easily copied digital artefacts.
On account security, the article recommends enabling multi-factor authentication (MFA) even when purchasing through official channels, but cautions that some common methods such as SMS codes and app-generated passwords can still be intercepted or phished. Schomburgk points to “phishing-resistant” approaches such as passkeys and hardware security keys as more robust options.
The article also highlights “urgency” as a common feature of phishing campaigns, including messages claiming payment failures or ticket cancellations. It advises recipients to avoid clicking links in unsolicited messages and instead navigate directly to official websites or apps to verify account status.
Schomburgk says counterfeit merchandise and fake storefronts are also common during major events, and recommends using authorised retailers to reduce fraud risk.
The article concludes that while fraud tactics will continue to evolve, basic steps—using official channels, strengthening authentication and verifying messages before responding—can materially reduce the risk for Australian fans.
