As the FIFA World Cup 2026 approaches, security experts and the FBI have issued warnings about an increase in fraudulent activities targeting fans. These scams involve fake FIFA websites, banking malware in streaming apps, and phishing schemes that aim to steal login credentials.
Wave of Fraudulent FIFA Websites
In anticipation of the upcoming World Cup, a significant number of fraudulent websites mimicking official FIFA pages have been identified. Group-IB has reported over 4,300 such domains, with a group known as GHOST STADIUM operating more than 300 phishing sites. These sites closely replicate FIFA’s official login system, enabling scammers to hijack accounts and resell tickets.
The operation primarily drives traffic through social media ads and search results, employing multiple payment methods, including cryptocurrencies, which FIFA’s legitimate ticketing process does not accept. This discrepancy serves as a critical indicator of fraudulent activity.
Variety of Scams Targeting Fans
Beyond phishing websites, other scams have emerged, including fake merchandise shops and streaming services. FortiGuard Labs has documented over 13,000 World Cup-themed domains, with a notable percentage deemed malicious. These sites often pose as legitimate streaming services and distribute malware that can compromise users’ financial information.
Furthermore, scams extend to counterfeit betting platforms and false job postings, with attackers seeking personal information for identity theft. Phishing-as-a-service markets exacerbate the situation by supplying ready-made tools to new scammers.
Mobile and Social Media Threats
Malicious mobile apps, mainly targeting Android devices, have been linked to banking trojans, according to Kaspersky. These apps disguise themselves as popular streaming services but are designed to steal financial data. Users are urged to be cautious of any app requesting accessibility permissions without a valid reason.
Social media platforms like Facebook and Instagram also host numerous scams, with counterfeit merchandise and phishing campaigns prevalent. Bitdefender reports that many of these operations trace back to Chinese networks, leveraging social media to reach potential victims.
Protective Measures and Future Concerns
Fans are advised to purchase tickets exclusively from the official FIFA website and to verify URLs manually. Activating multi-factor authentication and avoiding cryptocurrency payments for tickets can prevent potential scams. Security professionals are encouraged to monitor emerging threats and prepare for potential fraud spikes during the tournament period.
The FBI and Meta have initiated actions to combat these scams, including warning messages on social media. However, the threat remains significant, with thousands of fraudulent domains poised to activate closer to the event. Vigilance and proactive security measures are essential to safeguard against these evolving cyber threats.
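The advice above to verify URLs manually comes down to checking the host the browser actually connects to, not whether a brand name appears somewhere in the link. The following triage sketch is an added example, not code from any of the vendors cited; it assumes `fifa.com` as the official domain, the keyword list is illustrative, and every sample URL is constructed on reserved test domains.

```python
from urllib.parse import urlsplit

OFFICIAL_DOMAIN = "fifa.com"            # assumption: FIFA's official domain
BRAND_KEYWORDS = ("fifa", "worldcup")   # assumption: illustrative keyword list

def hostname_of(url):
    """Return the lower-cased host a browser would connect to, or ''."""
    if "://" not in url:
        url = "https://" + url          # accept bare hostnames as input
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:                  # malformed network location
        return ""
    return host.rstrip(".").lower()     # drop a trailing root dot

def classify(url, official=OFFICIAL_DOMAIN):
    """Return 'official', 'lookalike', 'review', 'unrelated' or 'invalid'."""
    host = hostname_of(url)
    if not host:
        return "invalid"
    # Exact match or a dot-separated subdomain. The leading dot matters:
    # a plain endswith(official) would also accept "not" + official.
    if host == official or host.endswith("." + official):
        return "official"
    # Non-ASCII or punycode labels can hide look-alike characters, so
    # they go to a human instead of being matched on keywords.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return "review"
    # Brand keyword inside a host that is not the official domain.
    flat = host.replace("-", "").replace(".", "")
    if any(keyword in flat for keyword in BRAND_KEYWORDS):
        return "lookalike"
    return "unrelated"

# Constructed sample URLs; none is taken from the reports cited above.
SAMPLES = [
    "https://www.fifa.com:443/tickets",
    "https://www.fifa.com.tickets.example/login",
    "https://fifa-worldcup-tickets.example/",
    "https://f\u0456fa.example/",       # Cyrillic letter in place of 'i'
    "https://news.example/world-cup",
]

def triage(urls):
    """Pair each URL with its verdict, preserving input order."""
    return [(url, classify(url)) for url in urls]

if __name__ == "__main__":
    for url, verdict in triage(SAMPLES):
        print(f"{verdict:10} {url}")
```

A keyword match only marks a host for review or takedown triage; it is not proof that the site is malicious.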
