article featured image


Top European football club, FC Barcelona, recently has its official website used by scammers in a sophisticated third-party fraud campaign. According to Adex, an ad fraud monitoring platform, the threat actors used the website of the Catalonian club to increase traffic to a likely fraudulent iGaming website.

FC Barcelona’s website is visited monthly by 5.4 million people and ranks among the most visited football clubs.

The Fraud Attempt Explained

According to Cybernews, the suspicious-looking link leading to the website of Barca was discovered recently, on November 16th. Since the link led to an online gambling portal most likely meant for the Indonesian market, experts investigated the case on their own.

After an analysis, there was discovered a nameserver (NS) record mismatch between the second and third-level domains. The NS records of the subdomain under investigation were housed on Google Cloud DNS whereas the official website was hosted on Amazon Web Services (AWS).

barcelona gambling platform scam

Online gambling website where the domain led to (Source)

The contents of the subdomain webpage represented a huge risk, not only for the safety of the brand, but also for terms related to potential illegal gambling.

It definitely doesn’t happen every day to expose such a fraud case. Usually, criminals mimic popular or authoritative websites by switching a letter or two in the domain name or copying the interface’s design. It’s a bold move to hijack a subdomain of a club loved by many and use their good name to deceive users.


FC Barcelona was quickly informed about the issue. It is likely that the football club did not notice the suspicious activity, since the subdomain was not indexed by Google, and no traffic spike was detected as the fraudulent subdomain was hosted on a different server.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.

Author Profile

Cristian Neagu


linkedin icon

Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.

Leave a Reply

Your email address will not be published. Required fields are marked *