Overview
- Security researchers and Mexican agencies warn of organized scams using look‑alike FIFA sites and social profiles to push fake tickets and merchandise.
- ESET reports the sites copy FIFA’s design and the FIFA ID sign‑in, then harvest logins and card details without delivering seats or goods.
- Check Point says 9,741 new domains using FIFA or World Cup terms have been registered, with a share already flagged as suspicious or malicious.
- The Citizen Council says Facebook accounts for 48.8% of cases, with posts funneling fans into WhatsApp chats that press for immediate bank transfers.
- Officials advise buying only at FIFA.com/tickets, avoiding ads and domains using .shop, .store or .site, noting typical losses of 1,000–3,000 pesos with some far higher.