Jun 8
/
Latest News
Surge in Cybercrime Targets Fans Ahead of 2026 FIFA World Cup
Cybercriminals are exploiting global excitement for the 2026 FIFA World Cup, launching phishing schemes, travel scams, data breaches and malware campaigns that target fans, teams and host cities across North America.
Millions of fans preparing for the 2026 FIFA World Cup are already facing a wave of scams tied to tickets, travel and streaming services, according to new findings from threat‑intelligence firm Intel 471. With the tournament expected to draw unprecedented global attention across 16 host cities in the United States, Canada and Mexico, researchers warn that the event is shaping up to be the most expansive cyberattack surface in sports history.
Intel 471 reports that roughly 19,000 domains referencing “fifa” have been created since early 2026, many of them designed to steal credentials or payment information from fans seeking tickets or merchandise. Authorities are sounding the alarm as well: the FBI has warned of spoofed FIFA websites, fake ticket offers and fraudulent hospitality packages, while Meta says it disrupted a scam network using World Cup branding to funnel users to illegal gambling sites. Several domains impersonating official resources—such as fifa.pink, fifaticket2026vip.com and fifa-web.co—have already been identified.
Scams are also spreading across social media, where fraudsters use forged receipts and deposit requests to lure fans into paying for nonexistent match access. Travel‑related fraud is rising too, with underground sellers offering steeply discounted hotel rooms, flights and rental cars. Some posts even promote illicit border‑crossing routes into the United States or promise World Cup‑linked visas for thousands of dollars.
Football organizations themselves have become targets. In April, a threat actor claimed to have breached the Fédération Royale Marocaine de Football, leaking personal data including passport numbers and FIFA IDs. Another actor claimed to have released thousands of documents from the Asian Football Confederation, with samples allegedly tied to high‑profile figures.
Intel 471 also warns that hacktivist groups may reprise tactics seen during the 2022 World Cup and the 2026 Winter Olympics, where DDoS attacks disrupted websites for hotels, restaurants, transportation services and Olympic committees. Host cities and sponsors are considered likely targets during the upcoming tournament.
Cybercriminals are additionally exploiting demand for match broadcasts. A malware campaign involving the Android remote‑access trojan BTMOB has been linked to fake IPTV and streaming apps promising World Cup coverage. Social media promotions for illicit services such as DoxDoxIPTV and Streamlixy have been used to distribute the malware, which can read messages, access cameras and execute commands on infected devices.
Intel 471 warns that with official broadcast subscriptions often costly or geographically restricted, fans may be tempted by unauthorized streaming platforms—creating fertile ground for cybercriminals eager to profit from the global frenzy surrounding the 2026 World Cup.
Millions of fans preparing for the 2026 FIFA World Cup are already facing a wave of scams tied to tickets, travel and streaming services, according to new findings from threat‑intelligence firm Intel 471. With the tournament expected to draw unprecedented global attention across 16 host cities in the United States, Canada and Mexico, researchers warn that the event is shaping up to be the most expansive cyberattack surface in sports history.
Intel 471 reports that roughly 19,000 domains referencing “fifa” have been created since early 2026, many of them designed to steal credentials or payment information from fans seeking tickets or merchandise. Authorities are sounding the alarm as well: the FBI has warned of spoofed FIFA websites, fake ticket offers and fraudulent hospitality packages, while Meta says it disrupted a scam network using World Cup branding to funnel users to illegal gambling sites. Several domains impersonating official resources—such as fifa.pink, fifaticket2026vip.com and fifa-web.co—have already been identified.
Scams are also spreading across social media, where fraudsters use forged receipts and deposit requests to lure fans into paying for nonexistent match access. Travel‑related fraud is rising too, with underground sellers offering steeply discounted hotel rooms, flights and rental cars. Some posts even promote illicit border‑crossing routes into the United States or promise World Cup‑linked visas for thousands of dollars.
Football organizations themselves have become targets. In April, a threat actor claimed to have breached the Fédération Royale Marocaine de Football, leaking personal data including passport numbers and FIFA IDs. Another actor claimed to have released thousands of documents from the Asian Football Confederation, with samples allegedly tied to high‑profile figures.
Intel 471 also warns that hacktivist groups may reprise tactics seen during the 2022 World Cup and the 2026 Winter Olympics, where DDoS attacks disrupted websites for hotels, restaurants, transportation services and Olympic committees. Host cities and sponsors are considered likely targets during the upcoming tournament.
Cybercriminals are additionally exploiting demand for match broadcasts. A malware campaign involving the Android remote‑access trojan BTMOB has been linked to fake IPTV and streaming apps promising World Cup coverage. Social media promotions for illicit services such as DoxDoxIPTV and Streamlixy have been used to distribute the malware, which can read messages, access cameras and execute commands on infected devices.
Intel 471 warns that with official broadcast subscriptions often costly or geographically restricted, fans may be tempted by unauthorized streaming platforms—creating fertile ground for cybercriminals eager to profit from the global frenzy surrounding the 2026 World Cup.
Executive IT Forums, Inc.
Educational Programs on Information Technology, Governance, Risk Management, & Compliance (GRC).
Our Newsletter
Get regular updates on CPE programs, news, and more.
Thank you!
Copyright © 2026 Executive IT Forums, Inc. All Rights Reserved.
Get started
Let us introduce our school
Write your awesome label here.