This threat involves cybercriminals creating hundreds of fake websites that impersonate the official FIFA site by using minor spelling variations and alternative domain extensions. These sites aim to steal personal and financial data, sell counterfeit tickets and hospitality packages, and conduct other fraud schemes related to the 2026 World Cup. The FBI and cybersecurity firms have observed extensive phishing and malvertising campaigns targeting users globally. The fraudulent sites collect sensitive information such as names, addresses, phone numbers, and payment details, which can be exploited for identity theft and financial scams. The FBI advises users to manually type the official URL, avoid sponsored ads, verify domain endings, and report suspicious activity.

Users interacting with these fake FIFA websites risk having their personal and financial information stolen, which can lead to identity theft and financial fraud. Additionally, victims may lose money by purchasing counterfeit tickets and hospitality packages. The widespread nature of the campaigns increases the likelihood of victimization, especially among World Cup fans seeking tickets or merchandise. There is no indication of direct compromise of FIFA systems or infrastructure; the threat is primarily to end users through social engineering and phishing.

The FBI recommends users manually type fifa.com into their browsers and avoid clicking on sponsored search ads or suspicious links. Users should verify that URLs end with .com and use bookmarks for official FIFA sites. Sensitive information should only be entered on verified authentic websites. Reporting incidents to the FBI’s Internet Crime Complaint Center (IC3) with details about the fraudulent domains and interactions is encouraged to aid law enforcement actions. There is no patch or technical fix since this is a social engineering and phishing threat. Vigilance and user education are key mitigations.