🚀 CloudSEK has raised $19M Series B1 Round – Powering the Future of Predictive Cybersecurity
Read more
Cybercriminals targeted fans and teams at the 2025 Belgian Grand Prix (July 27, Spa-Francorchamps) with phishing emails, fake ticket sites, streaming scams, and counterfeit merchandise. The event’s popularity and reliance on tech made it a prime cyberattack target. A hacked official email in early 2024 led to major phishing campaigns. Fans and F1 teams are urged to follow strict cybersecurity practices to avoid scams and data theft.
Identify and counter malicious links and phishing attempts effectively with CloudSEK XVigil Fake URLs and Phishing module, bolstering your defense against cyber threats
Schedule a DemoThe Belgian Grand Prix, held at the iconic Spa-Francorchamps circuit, is a highlight of the Formula 1 calendar, drawing thousands of fans and global attention on July 27, 2025. As Formula 1’s popularity surges, so does the interest of cybercriminals who exploit the enthusiasm of fans and the technological reliance of teams. This whitepaper examines the cybersecurity scams and threats surrounding the 2025 Belgian Grand Prix, offering insights into recent incidents, common scam tactics, and protective measures for fans and teams.
Formula 1 is not only a showcase of speed and engineering but also a data-driven sport reliant on cutting-edge technology. Teams collect vast amounts of telemetry data—such as tire temperatures and engine performance—to optimize race strategies in real time. This data, along with sensitive vehicle designs and intellectual property, makes F1 teams prime targets for cyberattacks. Fans, eager to secure tickets or engage with the sport online, are equally vulnerable to scams, particularly around high-profile events like the Belgian Grand Prix.
Recent years have seen several high-profile cyberattacks targeting F1 teams:
These incidents underscore the vulnerabilities in F1’s digital ecosystem, from team operations to fan-facing platforms.
The 2025 Belgian Grand Prix, with its Sprint race format and high-profile driver battles, is a prime target for scammers. A notable incident earlier in 2024 involved the official Belgian Grand Prix email account being hacked, leading to a phishing campaign targeting fans. Below are the most common scams fans should watch for:
Hackers often impersonate official Grand Prix organizers, F1 teams, or sponsors to send phishing emails promising discounted tickets or exclusive access. In March 2024, threat actors infiltrated the Belgian Grand Prix’s official contact email, sending fraudulent emails to fans eager to attend the July event. These emails often request personal information or payments to secure tickets that never materialize.
Scammers create fake social media accounts posing as F1 drivers, teams, or sponsors, offering free tickets, merchandise, or cash prizes. These scams require users to like, share, or provide personal information to “enter” giveaways. Some ask for fees to claim prizes, which are nonexistent.
Example: A fake McLaren Instagram account promises free paddock passes for the Belgian Grand Prix if users share a post and submit personal details via a link.
With fans streaming the Belgian Grand Prix in 4K or engaging in live commentary, cybercriminals offer fake streaming services that deliver malware or steal login credentials. These sites often mimic legitimate platforms like F1 TV but install harmful software or prompt users to enter sensitive information.
Scammers exploit the popularity of F1 merchandise, offering counterfeit team gear or fake NFTs tied to the Belgian Grand Prix. These scams often appear on unofficial marketplaces or social media, luring fans with low prices. Ferrari’s 2023 NFT scam, where a compromised subdomain hosted fraudulent offers, is a prime example.
We have seen a rise in new domain registrations in the past two months leading up to the Belgian Grand Prix. Cybercriminals often register domains that closely mimic official Formula 1 or Spa-Francorchamps websites to deceive fans and stakeholders.
These fake domains are used for:
A list of such newly registered domains impersonating grandprix:
F1 teams face sophisticated threats beyond fan-targeted scams. The Belgian Grand Prix’s high stakes, with drivers like Oscar Piastri and Max Verstappen vying for points, amplify the value of team data. Key threats include:
To enjoy the Belgian Grand Prix safely, fans should adopt the following cybersecurity practices:
F1 teams can strengthen their cybersecurity posture with these strategies:
Take action now
CloudSEK Platform is a no-code platform that powers our products with predictive threat analytic capabilities.
Digital Risk Protection platform which gives Initial Attack Vector Protection for employees and customers.
Software and Supply chain Monitoring providing Initial Attack Vector Protection for Software Supply Chain risks.
Creates a blueprint of an organization's external attack surface including the core infrastructure and the software components.
Instant Security Score for any Android Mobile App on your phone. Search for any app to get an instant risk score.