Fake FIFA World Cup 2026 websites prompt FBI warning

The FBI had to issue a public alert because the level of hackers spoofing FIFA has become so severe. Earlier this week, the FBI’s Internet Crime Complaint Center (IC3) warned about the surge in fake FIFA websites designed to steal sensitive information and money from users.

Cybercriminals continually exploit current events for their attacks. Historically, events like the Olympic Games, the COVID-19 pandemic, and the Russian invasion of Ukraine have been targeted through phishing schemes, with fake sites spreading malware under pretenses such as “vaccine information” or discounted tickets.

The World Cup experience isn’t any different this time. Eight years ago, TechRadar highlighted ticket scams affecting fans globally. In 2022, fake streaming sites appeared, targeting virtual viewers.

Currently, the FBI reports having discovered at least 35 spoofed websites that closely resemble legitimate ones, featuring convincing branding, product listings, and other key details.

According to the FBI, “Threat actors often create spoofed websites by slightly altering the characteristics of legitimate domain names to gather personally identifiable information (PII) entered by users, including names, home addresses, phone numbers, email addresses, and banking information.”

For example, spoofed website domains might include alternate spellings or use different top-level domains to impersonate legitimate sites. As a result, users could unknowingly visit these fraudulent websites while attempting to access FIFA’s official site.

The FBI advises users to visit the FIFA website directly by manually entering the URL. Those using search engines should steer clear of sponsored links, as they might be paid imitators aimed at diverting traffic, and should always verify that the site they visit is on the .com domain.