InfoSecBulletin Cybersecurity for mankind
The FBI warned people in a Public Service Announcement Alert I-052726-PSA on May 27, 2026, that bad actors are running fake campaigns against FIFA sites before the 2026 FIFA World Cup.
The campaign aims to take advantage of worldwide interest in the tournament by tricking users into visiting fake websites that look like the real FIFA site.
Anthropic disables Fable 5 and Mythos 5 Access after US order limiting foreign access
Using AI, Researcher Hacks Google and Earns $500,000 Bug Bounty
Chrome 149 fixes 28 flaws, including critical UAF bugs
Dahua patches multiple critical vulnerabilities in its products
South Korea fines Coupang Record $409 mln fine for data leak
ShinyHunters claim stolen data from 100+ org via oracle PeopleSoft servers
Security Update: RoguePlanet, BitLocker Bypass, Chromium Zero-Day, and More Critical Threats Uncovered
73 Microsoft Packages Compromised in Password Stealer Attack
New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges
Microsoft June Patches 200 Vulnerabilities including 3 zero days
Spoofed websites look like real FIFA sites. They often have fake tickets, job ads, and merchandise pages.
The main goal is to collect personal information (PII), like names, addresses, phone numbers, email details, and money information. Sometimes, attackers also help with fake transactions, like selling fake World Cup tickets and phony hospitality packages.
The attack method mostly uses typosquatting and domain spoofing. Cybercriminals create domains that are similar to the real URL fifa.com by using wrong spellings, extra words, or different top-level domains (TLDs).
FBI found examples like fifa[.]pink, fifa[.]ceo, filfa[.]org, fifa-ticket[.]live, and worldcup26ticket[.]com. Other tricky versions like wvvw-fifa[.]com and fifa-com[.]com take advantage of looks to fool users quickly.
Attackers are using subdomain tricks, making sites like jobs-fifa[.]com and fifa-careerhub[.]com to fool people looking for World Cup jobs.
These websites often have fake forms or harmful pages made to steal important user information or cause more system damage.
The FBI says that bad activity will increase as the 2026 World Cup gets closer. More fake websites will likely show up in search results, ads, and phishing links sent through email and social media.
bfore.ai’s PreCrime Labs found 498 suspicious FIFA-related websites before the event, showing how big the operation is.
To stay safe, it’s best for users to type the official FIFA website URL, www.fifa.com, directly into their browser instead of clicking on search results or ads.
Security experts suggest checking domain names before logging in, using bookmarks for sites you visit often, and seeing sites with bad design, odd redirects, or unexpected requests for personal info as a warning sign.
Organizations and security teams should watch for new domains connected to FIFA and World Cup terms. They should use DNS filtering and set up threat intelligence feeds to spot new signs of security issues.
Browser isolation and endpoint protection tools can help reduce a company’s risk from ongoing phishing attacks.
