World Cup chargebacks are coming, and fraud teams are already seeing the pattern
ACI Worldwide and Bluefin Payment Systems say the FIFA World Cup is already creating the kind of volume spike that fraudsters like to hide inside. For merchants selling tickets, travel, and merchandise, the issue is not just fraud loss but the chargebacks and operational strain that follow when traffic jumps fast.
- ACI Worldwide analyzed 24.5 million global transactions across 61 live events, including the 2022 World Cup, to map how fraud behaves around major sporting events. Based on that data, the company says it is seeing similar patterns ahead of the FIFA 2026 World Cup games, which began this month.
- Jackie Barwell, ACI’s director of fraud product management, said the company has been advising clients to be “more vigilant” and to prepare for increased demand. Her point is straightforward: when event-driven volume surges, merchants can be stretched thin, and temporary staff may not know the normal controls well enough to spot suspicious activity.
- According to Barwell, the main targets are merchants selling tickets and accommodations tied to the event. The fraud window typically opens about eight to 12 weeks before the event and intensifies as kickoff gets closer, with attempts generally in the $200 to $400 range before rising nearer to the event.
- The mechanics are familiar. Fraudsters build fake websites to capture consumer credentials and related data during card-not-present purchases, including transactions made on mobile devices, in apps, or by phone. They then use those credentials on legitimate sites, either immediately or later, when real event traffic gives the activity a veneer of normality.
- Bluefin Chief Information Security Officer Brent Johnson said cybercriminals are targeting the “entire fan journey,” from ticket searches and travel bookings to match streaming and merchandise purchases. He said the highest concentration of attacks has involved fake ticketing websites, spoofed FIFA domains, and fraudulent hospitality offers.
The broader backdrop is not helping. Nasdaq’s Verafin unit said the amount of money stolen by online criminals globally increased by 9.2% last year, partly because of increased AI use. For PSPs, acquirers, and merchants around big events, that means the usual playbook — stronger monitoring, device intelligence, geolocation signals, and faster review of card-not-present traffic — is not optional busywork. It is the difference between processing a spike and underwriting a mess.
Weekly high-risk digest
Regulation, sanctions and payment news across your verticals — once a week, free.
Please check your inbox and click the link to confirm your subscription.
Please enter a valid email address!