The 2026 Winter Olympic Games are in full swing, captivating sports fans worldwide. However, the Games also serve as an opportunity for scammers to strike with different kinds of cyber fraud.
Kaspersky has identified some of the key scams targeting fans right now – these are centred on fake tickets, merchandise and streaming access.
- Ticket fraud – Fake ticket schemes rank among the most damaging scams hitting sports fans. With sports venues drawing huge crowds, attackers push bogus “tickets” through phishing sites that mimic official sellers to harvest payment info. Official sources stress that tickets are sold exclusively through the authorised Olympics platform, and third-party brokers or resale sites (outside any official resale channel) are fraudulent.
- Bogus merchandise traps – Fans rushing to buy authentic sports competition items – clothes, souvenirs or event-specific collectibles – are prime targets. Attackers launch multiple counterfeit online shops that may use official logos, post convincing photos and fabricate glowing reviews to appear legitimate. Victims pay, then get nothing – or have their card details stolen for later fraud.
- Fake streaming offers – Attackers create deceptive websites imitating broadcasters, promising “cheap,” “exclusive,” or even “free” ways to catch winter competition events live – from snowboard cross to curling finals. Users pay by inputting card details expecting instant access, only to lose their money and expose financial data for theft or redirects to more scams when they hit “play.”
“While global competitions bring together people from different countries for the ultimate sports festival, they also draw fraudsters eager to cash in on the hype,” notes Anton Yatsenko, web content expert at Kaspersky.
“Whether through phony ticket portals, imitation merchandise sites or bogus streaming links, these schemes are designed to look completely genuine.
“The best defence for sports fans is to pause, double-check every source and stick strictly to official, trusted channels before entering any personal or payment information.”