New Delhi: As the Indian Premier League (IPL) 2026 heats up, cybercriminals are cashing in on the frenzy. Security firm Kaspersky has warned cricket fans in India about a surge in short‑lived betting and phishing websites that disappear almost as quickly as they appear, leaving victims with no way to recover their money or data.
For millions of Indians, IPL is more than just cricket, it’s a festival. From late‑night match streams to heated WhatsApp debates, the excitement is everywhere. But that very passion is being exploited. Fraudsters are setting up fake betting platforms that look deceptively similar to legitimate sites, often using “typo” domains with minor spelling tweaks.
Instead of proper sign‑ups, these sites push users to create a “Betting ID” by contacting operators directly on WhatsApp. This bypasses standard security checks and exposes fans to data theft, fraud, and even identity misuse. Once the tournament hype fades, the sites vanish, making it impossible to trace or report them.
Kaspersky explains that scams like these leverage urgency and excitement, making it critical for users to stay cautious and verify platforms before sharing any personal or financial information.
The warning comes at a time when IPL 2026 is drawing record engagement across digital platforms. Fake streaming links, ticketing scams, and betting frauds are spreading alongside genuine match updates. The short lifespan of these scam sites allows attackers to rotate domains and stay ahead of detection.
- Check URLs carefully: avoid newly created or suspicious domains.
- Don’t create “Betting IDs” via WhatsApp: legitimate platforms never use messaging apps for sign‑ups.
- Beware of urgency tactics: limited‑time offers are often bait.
- Never share sensitive details like bank info, OTPs, or passwords on unverified platforms.
- Report suspicious sites/messages to cybercrime helplines. Use security tools like anti‑phishing protection, safe browsing alerts, and real‑time fraud detection to block malicious IPL scams.
