🚀 CloudSEK has raised $19M Series B1 Round – Powering the Future of Predictive Cybersecurity

Cybersecurity Scams Targeting Fans and Teams at the 2025 Belgian Grand Prix

Cybercriminals targeted fans and teams at the 2025 Belgian Grand Prix (July 27, Spa-Francorchamps) with phishing emails, fake ticket sites, streaming scams, and counterfeit merchandise. The event’s popularity and reliance on tech made it a prime cyberattack target. A hacked official email in early 2024 led to major phishing campaigns. Fans and F1 teams are urged to follow strict cybersecurity practices to avoid scams and data theft.

Ayush Panwar
July 28, 2025
Green Alert
Last Update posted on
July 28, 2025
Don't let your brand be used to trap users through fake URLs and phishing pages

Identify and counter malicious links and phishing attempts effectively with CloudSEK XVigil Fake URLs and Phishing module, bolstering your defense against cyber threats

Schedule a Demo
Table of Contents
Author(s)
No items found.

The Belgian Grand Prix, held at the iconic Spa-Francorchamps circuit, is a highlight of the Formula 1 calendar, drawing thousands of fans and global attention on July 27, 2025. As Formula 1’s popularity surges, so does the interest of cybercriminals who exploit the enthusiasm of fans and the technological reliance of teams. This whitepaper examines the cybersecurity scams and threats surrounding the 2025 Belgian Grand Prix, offering insights into recent incidents, common scam tactics, and protective measures for fans and teams.

The Growing Threat Landscape in Formula 1

Formula 1 is not only a showcase of speed and engineering but also a data-driven sport reliant on cutting-edge technology. Teams collect vast amounts of telemetry data—such as tire temperatures and engine performance—to optimize race strategies in real time. This data, along with sensitive vehicle designs and intellectual property, makes F1 teams prime targets for cyberattacks. Fans, eager to secure tickets or engage with the sport online, are equally vulnerable to scams, particularly around high-profile events like the Belgian Grand Prix.

Notable Cybersecurity Incidents in F1

Recent years have seen several high-profile cyberattacks targeting F1 teams:

  • McLaren Racing (2019): McLaren detected unusual activity in its network, particularly around engineering data and design files. A security audit was initiated to address vulnerabilities and prevent unauthorized access.
  • Mercedes-AMG Petronas (2020): The team reported a cyberattack targeting sensitive data, highlighting the ongoing risks for top-tier teams.
  • Red Bull Racing (2020): Hackers attempted to access vehicle performance and design data, prompting collaboration with cybersecurity firms to bolster defenses.
  • Ferrari (2023): A ransomware group, RansomEXX, stole internal documents, including datasheets and manuals. Ferrari also faced an NFT scam after a subdomain was compromised.
  • Williams Racing (2021): A cyberattack disrupted the unveiling of their FW43B car’s livery via an augmented reality app.

These incidents underscore the vulnerabilities in F1’s digital ecosystem, from team operations to fan-facing platforms.

Cybersecurity Scams Targeting Fans at the 2025 Belgian Grand Prix

The 2025 Belgian Grand Prix, with its Sprint race format and high-profile driver battles, is a prime target for scammers. A notable incident earlier in 2024 involved the official Belgian Grand Prix email account being hacked, leading to a phishing campaign targeting fans. Below are the most common scams fans should watch for:

1. Phishing Emails and Fake Ticket Scams

Hackers often impersonate official Grand Prix organizers, F1 teams, or sponsors to send phishing emails promising discounted tickets or exclusive access. In March 2024, threat actors infiltrated the Belgian Grand Prix’s official contact email, sending fraudulent emails to fans eager to attend the July event. These emails often request personal information or payments to secure tickets that never materialize.

Snapshot of the phishing email sample sent to fans last year

2. Social Media Giveaway Scams

Scammers create fake social media accounts posing as F1 drivers, teams, or sponsors, offering free tickets, merchandise, or cash prizes. These scams require users to like, share, or provide personal information to “enter” giveaways. Some ask for fees to claim prizes, which are nonexistent.

Example: A fake McLaren Instagram account promises free paddock passes for the Belgian Grand Prix if users share a post and submit personal details via a link.

3. Dodgy Streaming and Piracy Scams

With fans streaming the Belgian Grand Prix in 4K or engaging in live commentary, cybercriminals offer fake streaming services that deliver malware or steal login credentials. These sites often mimic legitimate platforms like F1 TV but install harmful software or prompt users to enter sensitive information.

4. Fake Merchandise and NFT Scams

Scammers exploit the popularity of F1 merchandise, offering counterfeit team gear or fake NFTs tied to the Belgian Grand Prix. These scams often appear on unofficial marketplaces or social media, luring fans with low prices. Ferrari’s 2023 NFT scam, where a compromised subdomain hosted fraudulent offers, is a prime example.

Snapshot of the fake merchandise site

Rise of fake domains

We have seen a rise in new domain registrations in the past two months leading up to the Belgian Grand Prix. Cybercriminals often register domains that closely mimic official Formula 1 or Spa-Francorchamps websites to deceive fans and stakeholders.

These fake domains are used for:

  • Phishing attacks, collecting personal and payment information under the guise of ticket sales or official merchandise.
  • Distributing malware, disguised as ticket PDFs, schedules, or streaming “players.”
  • Spreading misinformation about the event to generate clicks or scam funds.

A list of such newly registered domains impersonating grandprix:

Domain Name Registrar Creation Date Expiration Date
CHEERGRANDPRIX.COMNetwork Solutions, LLC2025-06-062026-06-06
F1GRANDPRIXNEWS.COMMoniker Online Services LLC2024-06-062025-06-06
FORMULAGRANDPRIX.COMOVH, SAS2025-05-312026-05-31
GRANDPRIXJOBS.COMNameCheap, Inc.2025-05-232026-05-23
GRANDPRIXQUADS.COMHOSTINGER operations, UAB2025-06-262026-06-26
GRANDPRIXSTORE.NETLiquidNet Ltd.2025-06-112026-06-11
GRANDPRIXWATCHSHOP.COMTUCOWS, INC.2025-06-262026-06-26
HOLIDAYGRANDPRIX.COMSquarespace Domains II LLC2025-06-012026-06-01
ONLINEGRANDPRIX.NETNameCheap, Inc.2025-07-072026-07-07
REDBULLUSGRANDPRIX.COMGname 240 Inc2025-06-032026-06-03
S1GRANDPRIX.COMName.com, Inc.2025-06-282026-06-28
SELENAGRANDPRIX.COMONLINE SAS2025-06-052026-06-05
SHOP-GRANDPRIX.COMNameCheap, Inc.2025-07-162026-07-16
VOLTGRANDPRIX.COMWild West Domains, LLC2007-04-092026-04-09
WEBGRANDPRIX.COMTUCOWS, INC.2024-07-012026-07-01
WORLDGRANDPRIX.COMMegazone Corp., dba HOSTING.KR2002-05-052026-05-05

Why This Matters

  • Fans may lose money or have their identities stolen.
  • Teams and organizers risk brand damage and trust erosion.
  • It increases the cybersecurity workload for monitoring and takedowns ahead of the race weekend.

Cybersecurity Challenges for F1 Teams

F1 teams face sophisticated threats beyond fan-targeted scams. The Belgian Grand Prix’s high stakes, with drivers like Oscar Piastri and Max Verstappen vying for points, amplify the value of team data. Key threats include:

  • Cyber Espionage: Rival teams or external actors may attempt to steal vehicle designs or race strategies. The 2020 Racing Point incident, where accusations of copying Mercedes’ brake ducts raised questions about digital espionage, highlights this risk.
  • Ransomware Attacks: Teams like Ferrari have faced ransomware groups demanding payment to prevent data leaks. Such attacks can disrupt operations during critical race weekends.
  • Network Breaches: Real-time data analysis during races makes teams vulnerable to network intrusions, which could sabotage communications or race strategies.

Protective Measures for Fans

To enjoy the Belgian Grand Prix safely, fans should adopt the following cybersecurity practices:

  • Verify Ticket Sources: Purchase tickets only from official platforms like www.formula1.com or authorized vendors. Avoid deals from unsolicited emails or social media.
  • Enable Two-Factor Authentication (2FA): Use 2FA for accounts related to ticket purchases or streaming services to add an extra layer of security.
  • Be Skeptical of Giveaways: Avoid engaging with social media giveaways that require personal information or payments. Verify accounts by checking for official badges or follower counts.
  • Use Secure Streaming Platforms: Stick to legitimate services like F1 TV or ESPN for race coverage. Ensure devices have updated antivirus software, such as Bitdefender Total Security, to detect malware.
  • Optimize Device Performance: For smooth streaming, upgrade to at least 16GB RAM, use an SSD, and ensure a stable Ethernet connection to avoid buffering.

Protective Measures for F1 Teams

F1 teams can strengthen their cybersecurity posture with these strategies:

  • Employee Training: Conduct regular training on phishing, social engineering, and other cyber threats to raise awareness among staff.
  • Network Segmentation: Isolate critical systems to prevent a single breach from compromising the entire network.
  • Vulnerability Scanning: Perform regular scans and penetration testing to identify and address weaknesses in IT infrastructure.
  • Third-Party Audits: Collaborate with cybersecurity firms, as Red Bull and Renault did, to assess and enhance defenses.
  • Incident Response Plans: Develop and test plans to quickly mitigate breaches, as McLaren did in 2019.

References

  • F1 Chronicle: 7 Formula 1 Scams That Are Catching Out Fans Right Now
  • Formula1.com: Belgian Grand Prix 2025
  • GPToday.com: F1 News and Results
  • Centre for Cybersecurity: Cybersecurity in Formula 1
  • TechRadar: Grand Prix Website Hacked for Phishing Emails
  • ExpressVPN Blog: The Biggest Cyberattacks in F1 History
  • Mashable: A Guide for Avoiding Scams Around the Formula 1 in 2025

Predict Cyber threats against your organization

Related Posts
No items found.

Join 10,000+ subscribers

Keep up with the latest news about strains of Malware, Phishing Lures,
Indicators of Compromise, and Data Leaks.

Take action now

Secure your organisation with our Award winning Products

CloudSEK Platform is a no-code platform that powers our products with predictive threat analytic capabilities.

Table of Content

The Belgian Grand Prix, held at the iconic Spa-Francorchamps circuit, is a highlight of the Formula 1 calendar, drawing thousands of fans and global attention on July 27, 2025. As Formula 1’s popularity surges, so does the interest of cybercriminals who exploit the enthusiasm of fans and the technological reliance of teams. This whitepaper examines the cybersecurity scams and threats surrounding the 2025 Belgian Grand Prix, offering insights into recent incidents, common scam tactics, and protective measures for fans and teams.

The Growing Threat Landscape in Formula 1

Formula 1 is not only a showcase of speed and engineering but also a data-driven sport reliant on cutting-edge technology. Teams collect vast amounts of telemetry data—such as tire temperatures and engine performance—to optimize race strategies in real time. This data, along with sensitive vehicle designs and intellectual property, makes F1 teams prime targets for cyberattacks. Fans, eager to secure tickets or engage with the sport online, are equally vulnerable to scams, particularly around high-profile events like the Belgian Grand Prix.

Notable Cybersecurity Incidents in F1

Recent years have seen several high-profile cyberattacks targeting F1 teams:

  • McLaren Racing (2019): McLaren detected unusual activity in its network, particularly around engineering data and design files. A security audit was initiated to address vulnerabilities and prevent unauthorized access.
  • Mercedes-AMG Petronas (2020): The team reported a cyberattack targeting sensitive data, highlighting the ongoing risks for top-tier teams.
  • Red Bull Racing (2020): Hackers attempted to access vehicle performance and design data, prompting collaboration with cybersecurity firms to bolster defenses.
  • Ferrari (2023): A ransomware group, RansomEXX, stole internal documents, including datasheets and manuals. Ferrari also faced an NFT scam after a subdomain was compromised.
  • Williams Racing (2021): A cyberattack disrupted the unveiling of their FW43B car’s livery via an augmented reality app.

These incidents underscore the vulnerabilities in F1’s digital ecosystem, from team operations to fan-facing platforms.

Cybersecurity Scams Targeting Fans at the 2025 Belgian Grand Prix

The 2025 Belgian Grand Prix, with its Sprint race format and high-profile driver battles, is a prime target for scammers. A notable incident earlier in 2024 involved the official Belgian Grand Prix email account being hacked, leading to a phishing campaign targeting fans. Below are the most common scams fans should watch for:

1. Phishing Emails and Fake Ticket Scams

Hackers often impersonate official Grand Prix organizers, F1 teams, or sponsors to send phishing emails promising discounted tickets or exclusive access. In March 2024, threat actors infiltrated the Belgian Grand Prix’s official contact email, sending fraudulent emails to fans eager to attend the July event. These emails often request personal information or payments to secure tickets that never materialize.

Snapshot of the phishing email sample sent to fans last year

2. Social Media Giveaway Scams

Scammers create fake social media accounts posing as F1 drivers, teams, or sponsors, offering free tickets, merchandise, or cash prizes. These scams require users to like, share, or provide personal information to “enter” giveaways. Some ask for fees to claim prizes, which are nonexistent.

Example: A fake McLaren Instagram account promises free paddock passes for the Belgian Grand Prix if users share a post and submit personal details via a link.

3. Dodgy Streaming and Piracy Scams

With fans streaming the Belgian Grand Prix in 4K or engaging in live commentary, cybercriminals offer fake streaming services that deliver malware or steal login credentials. These sites often mimic legitimate platforms like F1 TV but install harmful software or prompt users to enter sensitive information.

4. Fake Merchandise and NFT Scams

Scammers exploit the popularity of F1 merchandise, offering counterfeit team gear or fake NFTs tied to the Belgian Grand Prix. These scams often appear on unofficial marketplaces or social media, luring fans with low prices. Ferrari’s 2023 NFT scam, where a compromised subdomain hosted fraudulent offers, is a prime example.

Snapshot of the fake merchandise site

Rise of fake domains

We have seen a rise in new domain registrations in the past two months leading up to the Belgian Grand Prix. Cybercriminals often register domains that closely mimic official Formula 1 or Spa-Francorchamps websites to deceive fans and stakeholders.

These fake domains are used for:

  • Phishing attacks, collecting personal and payment information under the guise of ticket sales or official merchandise.
  • Distributing malware, disguised as ticket PDFs, schedules, or streaming “players.”
  • Spreading misinformation about the event to generate clicks or scam funds.

A list of such newly registered domains impersonating grandprix:

Domain Name Registrar Creation Date Expiration Date
CHEERGRANDPRIX.COMNetwork Solutions, LLC2025-06-062026-06-06
F1GRANDPRIXNEWS.COMMoniker Online Services LLC2024-06-062025-06-06
FORMULAGRANDPRIX.COMOVH, SAS2025-05-312026-05-31
GRANDPRIXJOBS.COMNameCheap, Inc.2025-05-232026-05-23
GRANDPRIXQUADS.COMHOSTINGER operations, UAB2025-06-262026-06-26
GRANDPRIXSTORE.NETLiquidNet Ltd.2025-06-112026-06-11
GRANDPRIXWATCHSHOP.COMTUCOWS, INC.2025-06-262026-06-26
HOLIDAYGRANDPRIX.COMSquarespace Domains II LLC2025-06-012026-06-01
ONLINEGRANDPRIX.NETNameCheap, Inc.2025-07-072026-07-07
REDBULLUSGRANDPRIX.COMGname 240 Inc2025-06-032026-06-03
S1GRANDPRIX.COMName.com, Inc.2025-06-282026-06-28
SELENAGRANDPRIX.COMONLINE SAS2025-06-052026-06-05
SHOP-GRANDPRIX.COMNameCheap, Inc.2025-07-162026-07-16
VOLTGRANDPRIX.COMWild West Domains, LLC2007-04-092026-04-09
WEBGRANDPRIX.COMTUCOWS, INC.2024-07-012026-07-01
WORLDGRANDPRIX.COMMegazone Corp., dba HOSTING.KR2002-05-052026-05-05

Why This Matters

  • Fans may lose money or have their identities stolen.
  • Teams and organizers risk brand damage and trust erosion.
  • It increases the cybersecurity workload for monitoring and takedowns ahead of the race weekend.

Cybersecurity Challenges for F1 Teams

F1 teams face sophisticated threats beyond fan-targeted scams. The Belgian Grand Prix’s high stakes, with drivers like Oscar Piastri and Max Verstappen vying for points, amplify the value of team data. Key threats include:

  • Cyber Espionage: Rival teams or external actors may attempt to steal vehicle designs or race strategies. The 2020 Racing Point incident, where accusations of copying Mercedes’ brake ducts raised questions about digital espionage, highlights this risk.
  • Ransomware Attacks: Teams like Ferrari have faced ransomware groups demanding payment to prevent data leaks. Such attacks can disrupt operations during critical race weekends.
  • Network Breaches: Real-time data analysis during races makes teams vulnerable to network intrusions, which could sabotage communications or race strategies.

Protective Measures for Fans

To enjoy the Belgian Grand Prix safely, fans should adopt the following cybersecurity practices:

  • Verify Ticket Sources: Purchase tickets only from official platforms like www.formula1.com or authorized vendors. Avoid deals from unsolicited emails or social media.
  • Enable Two-Factor Authentication (2FA): Use 2FA for accounts related to ticket purchases or streaming services to add an extra layer of security.
  • Be Skeptical of Giveaways: Avoid engaging with social media giveaways that require personal information or payments. Verify accounts by checking for official badges or follower counts.
  • Use Secure Streaming Platforms: Stick to legitimate services like F1 TV or ESPN for race coverage. Ensure devices have updated antivirus software, such as Bitdefender Total Security, to detect malware.
  • Optimize Device Performance: For smooth streaming, upgrade to at least 16GB RAM, use an SSD, and ensure a stable Ethernet connection to avoid buffering.

Protective Measures for F1 Teams

F1 teams can strengthen their cybersecurity posture with these strategies:

  • Employee Training: Conduct regular training on phishing, social engineering, and other cyber threats to raise awareness among staff.
  • Network Segmentation: Isolate critical systems to prevent a single breach from compromising the entire network.
  • Vulnerability Scanning: Perform regular scans and penetration testing to identify and address weaknesses in IT infrastructure.
  • Third-Party Audits: Collaborate with cybersecurity firms, as Red Bull and Renault did, to assess and enhance defenses.
  • Incident Response Plans: Develop and test plans to quickly mitigate breaches, as McLaren did in 2019.

References

  • F1 Chronicle: 7 Formula 1 Scams That Are Catching Out Fans Right Now
  • Formula1.com: Belgian Grand Prix 2025
  • GPToday.com: F1 News and Results
  • Centre for Cybersecurity: Cybersecurity in Formula 1
  • TechRadar: Grand Prix Website Hacked for Phishing Emails
  • ExpressVPN Blog: The Biggest Cyberattacks in F1 History
  • Mashable: A Guide for Avoiding Scams Around the Formula 1 in 2025

Ayush Panwar

Related Blogs