These threat actors mirror the design of the official FIFA portal to trick unsuspecting users into handing over sensitive information or purchasing fraudulent hospitality packages. According to the FBI, once a criminal obtains a victim's personally identifiable information, they can create unauthorized accounts and commit long-term financial fraud. The agency cautions that these sites often rely on subtle misspellings or look-alike URLs to catch users who are typing quickly.
To avoid falling victim, the FBI emphasizes that fans should exclusively use the official domain at www.fifa.com. Official ticket operations, including last-minute sales, the verified resale marketplace, and legitimate hospitality packages, are centralized solely through that platform. The agency has identified a extensive list of compromised domains, including sites like fifa[.]cab, fifa-ticket[.]live, and worldcup2026-tickets.com, which should be avoided entirely. Users are advised to manually verify URLs and remain skeptical of any third-party sites claiming to offer exclusive access or employment opportunities related to the tournament.
Comments (0)
No comments yet. Be the first!