Thousands of fake FIFA websites, phishing pages, and malware-infected streaming apps are already targeting World Cup fans. Here’s what happened, how criminals operate, and how you can protect yourself.
Table of Contents
What Happened?
Researchers found thousands of fake FIFA websites designed to steal login credentials, payment information, and personal details. Security companies including Group-IB, Fortinet, Bitdefender, Kaspersky, and ThreatFabric reported multiple campaigns involving phishing pages, fake ticket sales, counterfeit merchandise stores, fake betting sites, and malware hidden inside unofficial streaming apps.
The FBI has also warned that criminals are creating fake FIFA domains, fake job offers, and fraudulent social media accounts to target fans searching for tickets, streams, and travel information.
Who Is At Risk and What Information Could Be Stolen?
The primary targets are FIFA World Cup fans looking for tickets, live streams, merchandise, betting services, or tournament-related information.
Researchers found more than 4,300 fake FIFA-related websites. Some copied FIFA’s official login page and asked users to enter their usernames and passwords. In some cases, victims were also asked to reset their passwords, allowing criminals to take control of their FIFA accounts and potentially resell tickets linked to those accounts.
Other operations collected:
- FIFA account usernames and passwords
- Payment card information
- Banking credentials
- Cryptocurrency wallet information
- Passport scans
- Selfie photos used for identity verification
- Email addresses and other login credentials
Researchers also found stolen FIFA login information circulating in databases collected by credential-stealing malware (harmful software that secretly steals account information from infected devices).
Futureproof scans your data for leaks and shows exactly how to close security gaps — before scammers find them first.
Check my safetyInformation like passwords, payment details, passport copies, and identity verification photos can be valuable to criminals. It may be used in account takeovers, identity theft, financial fraud, phishing emails, or impersonation attempts months later.
It is also important to remember that many people do not realize their information was stolen until suspicious activity appears. Criminals often combine data from multiple incidents to make phishing messages look more convincing.
If you are not sure whether your information was leaked somewhere online, automatic monitoring can help you spot problems earlier.
Futureproof monitors your email 24/7 for data leaks and gives clear steps to secure your account from scams.
At Futureproof, Kevin explains digital safety in simple words, with clear tips and zero fluff. He holds a degree in information technology and studies fraud trends to keep his tips up-to-date.
In his free time, Kevin plays with his cat, enjoys board-game nights, and hunts for New York’s best cinnamon rolls.
