Particle.news
Download on the App Store
102 ARTICLES
·
2h ago

World Cup Kicks Off This Week as Security Firms Flag 19,000 FIFA‑Themed Scam Domains

Researchers and law enforcement warn a large surge in fake sites, phishing and malware is increasing risks to fans’ tickets, devices and personal data.

South America has become one of the most influential places in the world of soccer.
Christian Pulisic #10 of the U.S. stands at the national anthem during a game between Senegal and the U.S. at Bank of America Stadium on May 31, 2026 in Charlotte, North Carolina.
Image
SoFi Stadium workers arrive at union headquarters for a strike vote amid a contract dispute on June 4, 2026, in Inglewood, California, days before the start of the 2026 FIFA World Cup. Hundreds of workers at Los Angeles’ SoFi Stadium began voting on June 4 on a proposal to go on strike during the World Cup, which kicks off in a week, after negotiations over their safety and wage demands reached an impasse. The vote was taking place at the offices of the Unite Here Local 11 union in Inglewood (south of Los Angeles) and will continue until Friday night. (Photo by Frederic J. BROWN / AFP)

Overview

  • The 2026 FIFA World Cup begins Thursday, June 11 and runs through July 19 with 48 teams, a new 32‑team knockout round and 104 matches staged across 16 host cities in the United States, Mexico and Canada.
  • Intel 471 reported about 19,000 domains referencing “fifa” created since January 2026, which it calls an unprecedented cyberattack surface for a sporting event and says fuels phishing and credential‑theft campaigns.
  • The FBI and Meta have issued public warnings and taken action against scam networks that use spoofed FIFA sites, fake ticket and hospitality offers, and fraudulent gambling links to steal payments and data.
  • Investigators and researchers have documented specific fraud methods, including fake receipts used as proof of purchase, underground sellers offering deeply discounted travel and paid visa services, and social posts promoting bogus hospitality packages.
  • Security firms have also observed malware campaigns that distribute an Android remote‑access trojan through apps marketed as unofficial IPTV or streaming services, while bookmakers and pay‑per‑head vendors push heavy betting markets and promotions that could amplify consumer risk.