FBI warns fake FIFA sites hit 2026 World Cup

FBI warns – Ahead of the 2026 World Cup running June 11 to July 19 in the United States, Canada and Mexico, the FBI says fraudsters are setting up fake FIFA websites to steal personal and financial information, sell fake tickets and hospitality packages, and run other sca

The warning arrives with the tournament’s dates already on the calendar: June 11 to July 19 for the 2026 World Cup across the United States. Canada. and Mexico. And as official interest spikes. the FBI is warning that cybercriminals are ready too—using lookalike FIFA websites to lure fans into handing over sensitive information and money.

The FBI says threat actors are impersonating FIFA through fake domains designed to steal personal and financial details. sell fake tickets and hospitality packages. and run other fraud connected to the event. In the agency’s public service announcement. the threat is tied to phishing sites prepared well ahead of time: the FBI says threat actors prepared hundreds of phishing sites.

The trick is often small but effective. The fake domains impersonate fifa.com but rely on minor spelling changes that users are likely to miss—fiffa[.]com is one example. The sites also use alternative top-level domains such as .org, .xyz, .live, and .sale. The FBI also points to fake employment portals. including “jobs-fifa[.]com” and “fifa-hiring[.]com. ” as part of the broader impersonation effort.

Behind the familiar branding, the FBI warns that many fraudulent websites collect data from visitors. That includes names, physical and email addresses, phone numbers, and banking or payment details. The concern isn’t just one-off theft: the agency says the information could be used to create fraudulent accounts. commit identity theft. or run financial scams.

The scale described by cybersecurity research makes the risk feel bigger than any single scam page. Reports from Group-IB and Bitdefender detail World Cup-themed malicious advertising campaigns promoted through Google Search, Facebook ads, Telegram, and WhatsApp.

Group-IB researchers traced a major operation—attributed to a Chinese threat actor tracked as Ghost Stadium—to World Cup ticket fraud tactics. The operation uses more than 300 phishing sites, clones of the real FIFA portal, for premium ticket fraud.

Bitdefender’s findings point to another stream of fraud. Starting in February. the company observed activity around the World Cup brand targeting users in the UK. Portugal. Spain. Algeria. the US. Canada. Mexico. Brazil. Germany. and Australia. The lure there is merchandise and collectibles: fake merchandise, kits and collectibles, streaming services, and Panini sticker offers.

Put these pieces together—phishing sites built to look like FIFA pages. malvertising pushed across multiple platforms. and ticket or merchandise portals designed to extract money—and the picture is clear. Fans looking for official pages or deals are being funneled toward sites that may be convincing at first glance. then dangerous when personal data or payments get entered.

The FBI’s recommendations focus on simple steps that can break the scam’s spell before it starts. Fans are urged to manually type fifa.com into the browser. avoid sponsored search ads or use an ad blocker. and verify that the URL ends in .com. The FBI also advises using bookmarks for official FIFA sites and avoiding suspicious links sent via direct messages.

The agency adds one rule that’s easy to overlook in the rush to buy: never enter sensitive data unless the site is verified authentic.

If someone does get hit, the FBI says reporting matters. Users are encouraged to report incidents to the FBI’s Internet Crime Complaint Center (IC3). including details such as the fake domain used. interaction history. and payment information—information the authorities can use to take action against the fraudulent portal.

FBI warning fake FIFA websites phishing sites 2026 World Cup fraud fifa.com domains Ghost Stadium Group-IB Bitdefender malvertising ticket fraud identity theft IC3