Kaspersky, the Cybersecurity firm, has identified at least 336 fraudulent websites impersonating official World Cup platforms since the tournament began on June 11.

The company said cybercriminals are exploiting heightened interest in the 2026 World Cup by creating websites designed to resemble legitimate tournament-related platforms. Many of the sites seek to collect personal information, steal account credentials or persuade users to make payments for non-existent services.

According to Kaspersky, one of the most common schemes involves fraudulent streaming websites that promise free access to live matches. Users are encouraged to register before being asked to pay a fee in cryptocurrency for what is described as lifetime access to tournament broadcasts. Victims risk both financial losses and the exposure of personal data, the company said.

The cybersecurity firm also reported an increase in fake betting and match prediction websites. These platforms typically request personal details such as names, email addresses and phone numbers during registration. Such information can later be used in credential theft or other forms of fraud, particularly when users reuse passwords across multiple online services.

Attackers are also using phishing emails to target football supporters. These messages often promote purported football analytics services or match prediction products and attempt to create a sense of urgency to encourage recipients to act quickly, according to a press release by Kaspersky.