Football World Cup fans are being warned about a large network of fraudulent websites posing as free match streaming services. Instead of live broadcasts, users risk being exposed to intrusive advertising, phishing attempts, and other online scams.
Malwarebytes researcher Stefan Dasic identified more than 40 domains linked to the FIFA World Cup. Most of them share the same design, similar source code, and identical advertising networks, suggesting they are operated by the same group.
The scammers are targeting football fans looking for quick access to live matches while traveling or trying to watch games from outside their home country. These websites promise HD-quality streams, multiple viewing servers, match schedules, and instant access to live broadcasts.
In reality, the promised streams are often nothing more than bait. Some sites embed third-party pirated feeds, while others fail to provide any working stream at all. Instead of watching a match, users are trapped in endless loading screens, retry messages, and prompts urging them to click additional buttons.
According to Dasic, even elements that appear to be legitimate video players may actually be disguised advertising blocks. Every click can trigger new ads, open additional browser tabs, or redirect visitors to other websites.
“Your data is the product, and the stream is the bait,” Dasic warns.
During their investigation, researchers found these websites packed with advertising modules and tracking scripts. Users may be redirected to pages displaying fake virus alerts, fraudulent software update prompts, bogus prize giveaways, or unwanted subscription traps.
Another major concern is the promotion of questionable cryptocurrency projects, airdrops, investment platforms, and services promising fast, guaranteed profits. Such schemes are frequently used to steal money or harvest personal information.
Researchers also discovered hidden 1×1-pixel advertisements embedded within the pages. Although invisible to visitors, these elements help fraudsters artificially inflate ad impressions and generate additional revenue.
Dasic notes that the very first click on a page is often intercepted before any video playback begins. As a result, users may open several advertising pages before even attempting to watch a match.
“You haven’t even started watching football, and you’ve already launched an ad,” he says.
The researchers also identified fake notifications designed to resemble messages from popular chat applications. These alerts create the impression that someone is trying to contact the user, encouraging further clicks and interactions.
Experts advise users to be cautious of websites offering free HD streams without registration. Sites that constantly generate pop-ups, redirect visitors to unrelated pages, or display endless “click to continue” messages should be treated as suspicious.
For safer viewing, fans are encouraged to use official broadcasters and licensed streaming platforms. When access is restricted by location, experts recommend using a VPN rather than relying on unofficial streaming websites.
