A variety of cybercrime attempts are surging ahead of the FIFA World Cup in North and Central America, according to a new report. Fake ticket sales sites mimicking FIFA’s website and fraudulent streaming links embedded with malware are being actively distributed, prompting calls for caution.
Fortinet, a global network security and convergence solutions company, said Tuesday that it recently published its “FIFA World Cup 2026 Cyber Threat Trend Report.” According to research conducted by FortiGuard Labs, a unit of Fortinet, about 8.8% of the 13,000 newly registered World Cup-related domains between January and May this year were classified as malicious or suspicious.
Fortinet warned that “the everyday activities of soccer fans seeking tickets, looking for broadcasts, and searching for related information have all become targets for attackers.” The most representative threat is fake ticket sales sites. Fortinet identified numerous fake ticket sites that imitate FIFA’s official pages. One domain registered in May copied FIFA content verbatim and then collected victims’ information through a fake payment process. On Telegram and dark web forums, scams that increased their credibility by bundling counterfeit tickets with airline and hotel packages were also detected.
Impersonation accounts on social media are another major threat vector. Fortinet detected more than 1,700 FIFA-related accounts and channels suspected of impersonation on social media platforms such as Facebook and Instagram. These accounts are used for various purposes, including spreading fraudulent broadcast links, phishing, and distributing malware, Fortinet explained.
The surge in demand for betting, streaming, and match information apps driven by the World Cup is also becoming a target for attacks. Fortinet identified numerous FIFA-related malicious apps (APKs) distributed through channels other than official app markets. Some of these were found to engage in encrypted communications and ransomware-like behavior.
Login credential theft is also occurring frequently. According to FortiGuard Labs, more than 270,000 login credentials of users who visited FIFA-related sites were exposed, and an additional 1,500 or more FIFA officials’ and organization accounts were identified in past leaked data.
Fortinet stressed that “fans should use FIFA’s official channels when purchasing tickets and refrain from installing third-party apps or accessing broadcast links of unknown origin,” adding that “messages demanding urgent payment are highly likely to be scams, so particular caution is needed.”
Click Here For The Original Source.
