Deepfakes and real scams: Cybercriminals spot opportunity at KC’s World Cup too

As Kansas City plays host to six matches during the 2026 FIFA World Cup, much of the public conversation has focused on transportation, hospitality and physical security.

Cybersecurity experts say local businesses should also prepare for a different kind of visitor: cybercriminals looking to exploit the confusion, urgency and attention that accompany one of the world’s largest sporting events.

“We’re all massive targets,” said Tracey “The Safety Lady” Hawkins, a Kansas City-based safety and generative AI cybersecurity educator.

The World Cup is expected to bring hundreds of thousands of visitors to the region. While most will arrive to watch soccer, spend money and experience the city, experts say major international events also attract scammers, fraudsters and opportunistic bad actors.

Much of the threat comes from beyond the most obvious: knock-off jerseys and apparel, fake tickets, and unlicensed street vendor scams.

“The latest FBI IC3 statistics for cybercrime puts it at $21 billion and people just don’t see it unless it happens to their business, until it happens to them personally,” Hawkins said.

Cybersecurity threats tied to major events are rarely limited to stadiums or organizers. Instead, experts say they often target the businesses, nonprofits, schools and individuals surrounding them.

“We’re going to see an increase in scams,” said Ed Hudson, vice chancellor for information technology and chief information officer at the University of Kansas. “We’re going to see an increase in phishing. We’re going to see an increase in all manner of fraudulent kind of activity.”

Hudson serves on planning groups connected to the World Cup effort and said organizations across the region have spent years preparing for the event.

“I think people would be surprised at the depth of bench from a technology and a cybersecurity” perspective in the Kansas City region, he said.

Tracy Whelpley, KC2026, Rob Ringelspaugh, Bank of America, and Matt Shatto, share a laugh at CPKC Stadium during a panel conversation about World Cup readiness; photo by Austin Barnes, Startland News

Why major events are so enticing

Large international events — and the chaos and distractions for small business owners that accompany them — create ideal conditions for cybercrime, said Rob Ringelspaugh, Bank of America senior vice president and info security cyber defense senior manager.

“Stress levels are going to increase,” Ringelspaugh told a crowd gathered this spring for a panel conversation on World Cup readiness for small businesses, curated by Startland News and Bank of America. “Cyber criminals know that companies may take shortcuts when stress levels increase.”

Businesses hire temporary workers. New vendors enter the market. Visitors connect to unfamiliar networks. Restaurants, hotels and retailers process more transactions than normal.

Most importantly, people get busy.

Tracey “The Safety Lady” Hawkins

“When there’s urgency, crime typically follows,” Hawkins added.

Cybercriminals often exploit that urgency through phishing emails, fraudulent invoices and social engineering schemes designed to convince employees to take actions they would normally question.

Increasingly, those scams are being enhanced by artificial intelligence.

Hawkins points to recent incidents involving AI-generated voice cloning and deepfake technology. In one widely reported case, an employee believed he was participating in a video call with company executives and transferred millions of dollars before discovering he was the only human on the call.

“It takes three seconds to record someone’s voice, three to 20 seconds to record an exact duplication of someone’s voice and you can make it say anything,” she said.

The rise of AI has not fundamentally changed cybercrime, Hawkins noted. It has made existing scams faster, cheaper and more convincing.

Biggest vulnerability: people

Despite advances in technology, both experts identify the same weak point.

“It’s people,” Hudson said. “You can trace almost every cyber event back to a person, a person who is duped.”

That reality drives many cybersecurity programs.

Organizations invest heavily in software and infrastructure, but a single employee clicking a malicious link, approving a fraudulent invoice or responding to a convincing scam can still create significant damage.

“We have to be right 100 percent of the time and the bad guy only has to be right once,” Hudson said.

Awareness, he added, remains one of the most effective defenses.

“If somebody’s sending you an unexpected attachment and link, then be suspicious of it and check it out,” he said.

Photo by Clay Banks

What businesses should do now

Experts recommend that businesses review cybersecurity practices. Visitors are already arriving, but it’s not too late, they emphasized.

Among the most important steps:

• Enable multifactor authentication on all business accounts.
• Install security updates promptly.
• Use strong passphrases or biometric authentication when possible.
• Train employees to identify phishing and social engineering attempts.
• Verify unusual payment requests through a known phone number or secondary communication channel.
• Review vendor cybersecurity practices and third-party access.

Hawkins also encouraged businesses to pay attention to QR codes, which have become common in restaurants, parking systems and event spaces.

Cybercriminals have increasingly used fake QR codes placed over legitimate ones to redirect users to malicious websites or scams.

As Kansas City prepares for its moment on the global stage, cybersecurity professionals say the region’s growing visibility brings both opportunity and risk.

The same attention that attracts visitors, investment and international recognition can also attract people looking to take advantage of it.

“Be aware. Pay attention,” Hudson said. “Take a minute and think before you click on something. And if it’s too good to be true, it probably is.”

Startland News reporter Nikki Overfelt Chifalu contributed to this report.