The Dark Side of Design: How UX is Being Weaponised Around the World Cup

I'll be honest with you. I am genuinely, embarrassingly excited about the 2026 World Cup.

Not necessarily all of England's squad choices. We won't get into that. But come June, I will be glued to every match, probably shouting at a screen somewhere and pretending I knew Tuchel's tactics all along.

So when I started seeing articles about the eye-watering costs fans are facing, and then watched a BBC News report on New York essentially suing FIFA over the whole thing, I couldn't just scroll past. I needed to look into it. Not just as a fan, but as a designer.

Because what I found isn't just a story about expensive tickets or dodgy resellers. It's a story about how the tools of our trade are being weaponised. And that's worth talking about.

First, a quick primer on dark patterns

The term "dark patterns" was coined by UX researcher Harry Brignull back in 2010. The idea is simple: design can be used to help users, or it can be used to manipulate them. Dark patterns sit firmly in the second camp. They exploit cognitive biases, decision fatigue, and human psychology to nudge users toward choices that benefit the business, often at the user's direct expense.

These aren't obscure techniques. A 2019 Princeton University and University of Chicago study found that over 10% of popular e-commerce sites use them. A 2022 European Commission report put that figure at 97% of popular apps. They're everywhere, and most of us have been caught out by them without realising it.

And they're not limited to ticket scams. Dark patterns show up in subscription services that make cancellation deliberately painful. In energy comparison sites that bury the cheapest option. In app onboarding flows that harvest your data behind a wall of confusing consent toggles. In pension and insurance products designed to obscure fees. Anywhere there's a commercial incentive and a captive user, the conditions are right.

The classic examples are pretty recognisable once you know what to look for.

Countdown timers that create urgency around a sale, then quietly reset when the timer hits zero. Fake scarcity messages ("Only 2 left!") that refresh daily regardless of actual stock. Hidden costs that appear at checkout after you've already committed emotionally to the purchase. Fake social proof like "12 people are viewing this right now" popping up to make you panic.

These are cynical design choices. But they're mostly legal. The story of the 2026 World Cup is what happens when those same techniques get picked up by people with genuinely criminal intent.

The World Cup is a perfect storm

The 2026 FIFA World Cup, spanning the US, Canada, and Mexico, is the largest sporting event ever held. Hundreds of millions of fans want tickets. Supply is genuinely limited. Demand is genuinely extreme. During the Random Selection Draw sales phase alone, more than 500 million ticket requests were submitted over 33 days.

But FIFA hasn't exactly helped itself here. Prices for more than 90 matches reportedly rose between October 2025 and April 2026, with some increasing by an average of 34%. The attorneys general of New York and New Jersey have now launched a formal investigation into FIFA's ticketing practices, with New Jersey's AG describing the process as "a gauntlet of confusion, fake scarcity and impossibly high prices." Fan groups have separately filed a formal complaint with the European Commission, alleging FIFA abused its monopoly position through high prices, opaque conditions, and dynamic pricing that fans had no ability to challenge.

When the official experience is that frustrating and that confusing, fans start looking elsewhere. And "elsewhere" is exactly where the scammers are waiting.

That combination of high emotion, genuine scarcity, institutional confusion, and global scale is exactly what bad actors dream of.

Researchers have uncovered fraud infrastructure spanning at least 222 domains across 203 unique IP addresses, nearly three times larger than initially reported. More than 55 scam campaigns are running simultaneously across Facebook, Instagram, email, and fake streaming platforms. And that number is growing.

This isn't a few opportunistic chancers with a dodgy website. This is an industry.

The UX tricks being deployed right now

Here's what makes this story interesting from a design perspective. The people running these scams aren't just criminals. They're good at UX. Uncomfortably good.

Pixel-perfect cloning. Fraudulent sites don't look like scams. They look exactly like the official FIFA ticketing platform, because they've been built to. The registration flow, the cart, the checkout, the confirmation email. All of it mirrors the legitimate experience step for step. The UX is indistinguishable from the real thing. That's the point.

Fake countdown timers. One of the clearest red flags on fraudulent ticket sites is a countdown timer that resets when you reload the page. It creates genuine panic. It reflects no real deadline. It's a dark pattern in its purest form: manufactured urgency to override rational decision-making.

"Pay now or lose the ticket." This mirrors the pressure fans already feel from legitimate demand. Scammers take a real anxiety, amplify it, and weaponise it. The FTC has specifically flagged this tactic in consumer warnings around the 2026 tournament.

Fake waiting lists and pre-sale flows. These aren't crude popups. They're sophisticated UX flows that mimic the legitimate queue systems used by Ticketmaster and FIFA itself. Fake confirmations. Counterfeit QR codes. AI-generated customer support. Many victims don't realise they've been scammed until they're denied entry at the stadium.

SEO and paid ads. Some victims reach fraudulent sites through sponsored search results that appear above the legitimate FIFA website. The FBI has specifically warned fans to avoid clicking sponsored results when searching for World Cup tickets. Think about that for a second. The design of search itself is being exploited.

Prices 80 to 90% below retail. This is a dark pattern in disguise. It uses the human desire for a bargain to override rational caution. The deal feels too good to be true, which is your brain telling you something. But the urgency and scarcity signals drown that out.

Shared scam kit templates. The most unsettling part of all this is the infrastructure. A successful fraudulent UX template gets packaged up, shared, and sold. Multiple independent actors deploy it simultaneously. Fraudulent design is being productised and distributed at scale.

FIFA isn't entirely off the hook here

And look, it's worth saying this plainly: some of what FIFA itself has been doing isn't far off from the dark pattern playbook either.

The official ticketing experience has been widely criticised for being confusing and opaque. The site crashed during the first major sales phase in September 2025. FIFA advertised group-stage tickets from as little as $60, but according to fan groups, almost no fans managed to secure them at that price. The discounted tickets were reportedly gone before general sale even began, which fan group Football Supporters Europe has described as bait advertising, illegal under EU consumer law.

US lawmakers have described FIFA's approach as "opaque pricing, shifting rules, and potentially deceptive practices." The New York attorney general put it more bluntly: "No one should be manipulated into paying sky-high prices for seats."

This matters beyond the obvious. Because confusing legitimate UX trains users to accept confusion. When the real thing is hard to use, inconsistent, and occasionally deceptive, it becomes much harder to distinguish a fraudulent site from an official one.

FIFA's own approach to pricing and design inadvertently creates the fog that scammers move through.

Design as a weapon

Dark patterns started life as legitimate-but-cynical business tricks. The Ryanair add-ons. The pre-ticked insurance box. The cancellation flow designed to make you give up. Annoying. Manipulative. But mostly legal.

What's happening around the 2026 World Cup is the logical endpoint of normalising that approach to design. When an industry accepts that it's okay to manipulate users for profit, it creates a template. And templates get adopted by people with far worse intentions.

Regulators are starting to catch up. TikTok was fined €345 million by the Irish Data Protection Commission in 2023 for using manipulative design practices targeting children. The EU's Digital Services Act is bringing more scrutiny to deceptive interfaces. A Digital Fairness Act is in development, though it may not take effect until 2028 or 2029. The window for operating in a regulatory grey area is closing.

But for hundreds of thousands of football fans trying to get to a game this summer, that's cold comfort.

If you're buying tickets this summer

Keep it simple. Buy only through the official FIFA ticketing platform or its verified partners. Avoid any site that reaches you through a sponsored ad. If a price looks too good to be true, it is. If a countdown timer is pressuring you, reload the page and see if it resets.

And if you feel rushed, stop. That feeling is designed. It's not real.

What designers should take from this

This is where it gets uncomfortable for us as a profession.

Every dark pattern deployed by these scammers started life as a legitimate design technique. Urgency. Scarcity. Social proof. These are tools we reach for regularly, often with perfectly good intentions. But they exist on a spectrum. And the World Cup scam ecosystem is the far end of that spectrum made visible.

The same patterns show up closer to home too. The gym membership that takes three phone calls to cancel. The free trial that buries the billing date. The cookie consent banner engineered so that "accept all" is one tap and "manage preferences" is an obstacle course. These aren't World Cup scams, but they're drawing from the same playbook.

A few things worth carrying into your next project.

Urgency should be real. If you're using a countdown timer, it should reflect an actual deadline. If it doesn't, you're not creating urgency, you're manufacturing panic. There's a difference, and users increasingly know it.

Scarcity should be honest. "Only 3 left" is useful information when it's true. When it isn't, you're eroding trust for a short-term conversion. Not worth it.

Complexity is a vulnerability. FIFA's own confusing UX created the conditions that scammers exploit. When legitimate experiences are hard to navigate, users lower their guard. Clear, honest design isn't just good ethics. It's a line of defence.

We normalise more than we realise. Every time a pattern gets used cynically but legally, it moves the goalposts slightly. It trains users to accept confusion and pressure as normal. The scammers operating right now aren't inventing anything new. They're just following the template we helped establish.

Good design should make people's lives easier. It should be transparent about what it's asking. It should respect the person on the other side of the screen.

The World Cup scams are an extreme example. But the principles they exploit aren't extreme at all. They're in our toolkits right now.

Worth thinking about.