FBI warns of fake FIFA websites running World Cup fraud schemes

Source: Bleeping Computer

The FBI is warning of fake websites impersonating FIFA ahead of the 2026 World Cup, aiming to steal personal and financial information, sell fake tickets and hospitality packages, and push other fraud related to the event.

Fake FIFA Websites

With the international soccer tournament set between June 11 and July 19 in the United States, Canada, and Mexico, threat actors have prepared hundreds of phishing sites. According to the FBI’s public service announcement, the fake domains impersonate the official fifa.com but rely on minor spelling changes that users are likely to miss, such as fiffa.com, and use alternative top‑level domains (e.g., .org, .xyz, .live, .sale). Other examples include fake employment portals like jobs-fifa.com or fifa-hiring.com.

Data Collected

The agency notes that many of the fraudulent websites collect from visitors various types of data, including names, physical and email addresses, phone numbers, and banking/payment details. This information could be used to create fraudulent accounts, commit identity theft, or run financial scams.

Scale of the Campaigns

The scale of these campaigns is reflected in reports from cybersecurity companies Group‑IB and Bitdefender. Their researchers observed World Cup‑related malvertising campaigns promoted through Google Search, Facebook ads, Telegram, and WhatsApp.

A major operation that Group‑IB researchers attributed to a Chinese threat actor tracked as Ghost Stadium uses more than 300 phishing sites—clones of the real FIFA portal—for premium ticket fraud.

Fake tickets portal
Source: Group‑IB

Starting in February, Bitdefender observed fraudulent activity around the World Cup brand targeting users in the UK, Portugal, Spain, Algeria, the US, Canada, Mexico, Brazil, Germany, and Australia. The scams involved fake merchandise, kits and collectibles, streaming services, and Panini sticker offers.

Ad for fake merchandise
Source: Bitdefender

How to Protect

As public interest in the World Cup surges, cybercriminals will try to take advantage through various lures, leading to fraudulent online portals designed to sell fake products or steal money and user data. Fans can steer away from these risks by following the FBI’s recommendations:

• Manually type fifa.com into the browser.
• Avoid sponsored search ads or use an ad blocker.
• Verify the URL ends in .com.
• Use bookmarks for official FIFA sites.
• Avoid suspicious links sent via direct messages.
• Never enter sensitive data unless the site is verified authentic.

Users are encouraged to report incidents to the FBI’s Internet Crime Complaint Center (IC3) and include details such as the fake domain used, interaction history, and payment information, so authorities can take action against the fraudulent portal.