Cybersecurity and privacy experts are raising concerns around the growing trend of sports fans using generative AI to create World Cup-related images, mock-ups, predictions, and social media content – while offering new ways for supporters to engage with major sporting events, these tools also introduce risks that many users may underestimate.

In light of this, Kaspersky has shared the key risks fans should keep in mind when using generative AI tools so they can continue enjoying the last week of the tournament with peace of mind.

 

When fan AI goes rogue

A growing number of AI tools are being used to create World Cup-themed visuals, avatars, memes and other fan content. While these services may seem creative and harmless, not all of them come from trusted providers. Many are launched quickly to capitalise on interest around major events, increasing the likelihood that users will interact with platforms that offer limited transparency around data handling, lack adequate privacy and security measures, or might even be designed with malicious intent.

 

Personal data at stake

To create customised World Cup content, users are often asked to upload selfies, sign up with an email address, connect social media accounts, or share other personal information. In doing so, they may reveal more information than necessary without fully understanding how that data will be stored, used, or potentially exposed.

“AI-driven fan content may seem harmless, but one of the key privacy risks is that users are often encouraged to share far more personal information than necessary,” says Anna Larkina, Web Content analysis and privacy expert at Kaspersky. “A simple request to generate a themed avatar can involve the collection of photos, contact details, account data and behavioural insights – information that may later be insufficiently protected. Because major global events often create an ideal environment for opportunistic actors, fans should take a closer look at how these tools manage personal data before engaging with them.”

 

When fan content becomes a scam.

AI-generated World Cup content in some cases can also be used to support fraud. Cybercriminals may use convincing mock-ups, fake giveaways, or official-looking fan pages to attract attention and build trust. Once users engage, they may be redirected to phishing sites, fake stores, fraudulent offers, or betting-related scams. Generative AI makes these campaigns easier to produce, more persuasive and far easier to scale.

 

The myth of AI predictions

Another area that deserves caution is AI-powered match prediction. However advanced or data-driven these tools may appear, AI cannot reliably predict inherently uncertain sporting outcomes. When used to promote betting, paid subscriptions, or “insider communities” such services can create a false sense of confidence and encourage risky decisions.

Kaspersky has shared several tips on how to stay safe while interacting with AI during the World Cup, together with general cybersecurity recommendations for fans:

  • Be highly selective about the information you share. Avoid uploading sensitive personal data, including IDs, addresses, passwords, payment details, or unnecessary personal photos to AI tools unless the provider is trusted and the purpose is clearly justified.
  • Review the privacy policy before using any AI service. Users should understand whether their prompts, images, and conversations may be stored, reused, used for model training or shared with third-parties.
  • Use only reputable AI platforms. Be especially cautious with unofficial or unfamiliar services launched around major sporting events as some may be designed primarily to collect user data.
  • Do not link your primary accounts unless absolutely necessary. It is best to avoid connecting core email, cloud, or social media accounts to AI services that may not have strong security.
  • Treat AI-generated predictions as entertainment, not expertise. They should not be relied upon for betting, purchases, or other financial decisions.
  • Verify websites, offers and communities independently. Sometimes professional design, sports branding, or viral popularity does not guarantee legitimacy.
  • Manage sensitive data securely: avoid storing passwords or recovery phrases in your photo gallery or notes; instead, use a dedicated, trusted password manager.
  • Use a reliable security solution that identifies malicious attachments and blocks phishing links. To ensure advanced protection against increasingly complex cyberthreats, Kaspersky actively amplifies its consumer solutions with AI-powered scam protection – a unified suite of technologies that combines machine learning-based anti-phishing algorithms, realtime behaviour monitoring, accompanied by Data Leak and Identity Theft checkers.