[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKYs1kymO3zJpf4zoLR02l6EN9e8YLtFRns7hprd2Jgk":3},{"article":4,"iocs":43},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":32,"category":33,"article_tags":37},"f4e49afb-e3f0-4779-8dcd-79c578bcdd7c","FIFA World Cup 2026: Hackers Target Football Fans With Fake Tickets Sites","fifa-world-cup-2026-hackers-target-football-fans-with-fake-tickets-sites-c2db10","Cybersecurity experts warn that active hacking networks are using fake hotel bookings, cloned websites, and live chat features to scam FIFA World Cup 2026 fans.","Cybercriminals are exploiting the FIFA World Cup 2026 popularity with multiple scam networks targeting fans. These operations use fake hotel bookings, cloned websites, and live chat features to steal funds and personal details. Some scams even intercept one-time passwords to hijack bank accounts.","Hackers are targeting FIFA World Cup 2026 fans with fake ticket and hotel sites, and betting scams.","Security Phishing Scam Scams and FraudFIFA World Cup 2026: Hackers Target Football Fans With Fake Tickets Sites Cybersecurity experts warn that active hacking networks are using fake hotel bookings, cloned websites, and live chat features to scam FIFA World Cup 2026 fans. byDeeba AhmedJune 19, 20262 minute read With the FIFA World Cup 2026 matches in full swing, cybercriminals are targeting fans with various scams to capitalize on the tournament’s popularity, security researchers warn. Multiple scam networks have been discovered by security firms so far. These networks are designed to steal funds and personal details from people looking for tickets, hotels, and betting options. Fake hotels and betting links Security researcher Prashant Kumar and his team at Forcepoint X-Labs recently tracked these threats. In a statement shared with Hackread.com, Kumar said, “I have looked for FIFA-themed phishing\u002Fmalicious campaigns and observed a large, active, multi-variant phishing and fraud campaign abusing the FIFA World Cup 2026 brand.” The team found three main scam types spread across more than 100 fake web links. The largest operation tricks fans into using illegal gambling platforms tied to ongoing matches through fake links like cn-web-fifacwc.com and zone-2026fifa.com. These links, although they feature Chinese-language text, include custom versions tailored for international audiences in France, Africa, and Asia. Visitors are lured with promises of guaranteed rewards for placing bets on current games; however, in reality, they are redirected to credential-stealing pages. Another active part of the scam uses 14 fake hotel booking networks customized for tournament cities like Dallas, Miami, and New York. Following the format “fifaworldcup2026cityhotels.com“, these pages were all registered within 32 minutes of each other to steal credit card details from travellers looking for last-minute rooms between fixtures. The hackers even cloned the real FIFA website structure under the web link fifa.monster to secretly track visitors and target them with follow-up spam advertisements. Stealing bank codes Other cybersecurity firms like CloudSEK and Netcraft found that these operations are highly organised. CloudSEK traced the main setup to threat actors in China who use an unauthorised payment control panel called tbpay.uk. To make the pages seem real, the hackers even embed a legitimate live chat service called tawk.to to talk to targets. worldcup2026ticket.shop (Source: Netcraft) As fans rush to secure seats for upcoming matches, these scammers are using realistic online checkout pages on links like ww-fifa.com. They do not just take card numbers for future use. Instead, they use a live setup to watch what the victim does on the page in real time. Fake Ticket Shopping Cart (Source: CloudSEK) When the bank sends a text message with a security code, called a one-time password or OTP, the scammers catch it as it is typed. This lets them evade the bank’s security check and hijack the victim’s account completely. Forcepoint confirmed it is actively blocking these confirmed fake sites and their shared backend systems, while constantly writing new rules to stop the lookalike web links that scammers are creating every day during the tournament. Deeba Ahmed Deeba is a veteran cybersecurity reporter at Hackread.com with over a decade of experience covering cybercrime, vulnerabilities, and security events. Her expertise and in-depth analysis make her a key contributor to the platform’s trusted coverage. View Posts Cyber AttackCybersecurityFIFA World CupFraudMalwarePrivacyScam Leave a Reply Cancel reply View Comments (0) Related Posts News Malware Microsoft Security Technology Microsoft Office Most Exploited Software in Malware Attacks – Report Atlas VPN has shared its findings for Q1 2022, in which the company revealed startling stats about Microsoft… byDeeba Ahmed Hacking News Security Watch as hackers take over a construction crane Trend Micro Researchers Prove How Easy it is Hackers to Hack a Construction Crane and Cause Destruction. Hacking… byWaqas Read More Security Unpatched Zephyr OS Expose Devices to DoS Attacks via IP Spoofing Is your organisation using Zephyr OS? Patch and update it to the latest version now! byWaqas Security Leaks Malware WikiLeaks Cherry Blossom: WikiLeaks’ Latest Dump Exposes CIA Wireless Hacking Tools The whistleblowing site WikiLeaks is back with yet another Vault 7 series related document. This one is called… byWaqas","https:\u002F\u002Fhackread.com\u002Ffifa-world-cup-2026-hackers-football-fake-tickets-sites\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F06\u002Ffifa-world-cup-2026-hackers-football-fake-tickets-sites.jpg","2026-06-19T09:56:33+00:00","2026-06-19T10:00:16.439888+00:00",8,[18,21,24,26,28,30],{"name":19,"type":20},"FIFA World Cup 2026 Scams","campaign",{"name":22,"type":23},"Phishing","technology",{"name":25,"type":23},"Live Chat",{"name":27,"type":23},"Gambling Platforms",{"name":29,"type":23},"Hotel Bookings",{"name":31,"type":23},"One-Time Password (OTP) Interception","e7b231c8-5f79-4465-8d38-1ef13aea5a14",{"id":32,"icon":34,"name":35,"slug":36},null,"Threat Intelligence","threat-intelligence",[38],{"category":39},{"id":40,"icon":34,"name":41,"slug":42},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",[44,48,50,53,56,59,62],{"type":45,"value":46,"context":47},"domain","cn-web-fifacwc.com","Fake gambling platform link used in FIFA World Cup scam.",{"type":45,"value":49,"context":47},"zone-2026fifa.com",{"type":45,"value":51,"context":52},"fifaworldcup2026cityhotels.com","Fake hotel booking network domain used in FIFA World Cup scam.",{"type":45,"value":54,"context":55},"fifa.monster","Cloned FIFA website used for tracking visitors and follow-up spam.",{"type":45,"value":57,"context":58},"tbpay.uk","Unauthorized payment control panel used by threat actors.",{"type":45,"value":60,"context":61},"worldcup2026ticket.shop","Fake ticket shopping cart domain used in FIFA World Cup scam.",{"type":45,"value":63,"context":64},"ww-fifa.com","Realistic online checkout page for fake ticket purchases."]