ADVERTISEMENT

Chinese hackers use fake FIFA sites to steal card data in Facebook-targeted scam

A Chinese-linked cybercrime operation is using fake FIFA World Cup ticket websites to monitor victims as they shop, harvest payment card details, and intercept security codes used by banks to verify transactions. The scam is using Facebook and Instagram as its main channels.

chinese scammers credit cards fifa

Image by Cybernews

Ann-Marie Corvin
Ann-Marie Corvin Senior Journalist
Jun 12, 2026 4 min read
Key takeaways:
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.
phishingscamFIFA2
Clone of official FIFA website with World Cup trophy logo and full navigation bar. Image: CloudSEK

“Fraud-for-all” platform with user journey monitored

backendfifa
Dashboard shows fraud operator's command and control panel. Image: CloudSEK
Faketicketfifa
Fake Ticket Shopping Cart. Image: CloudSEK

Real-time “man-in-the-middle” attack

Victimmonitoringfifa
Victim monitoring panel. Image: CloudSEK
ADVERTISEMENT

Professional admin, weak security

USA-China-phishing
US appears to be the primary target of scam, with traffic also coming from Italy, Romania, Sweden, Australia, Lithuania and Germany.
"We are now seeing full checkout impersonation, live victim tracking, card skimming, and OTP interception capabilities being combined into one platform."
Gagan Aggarwal, a threat intelligence researcher at CloudSEK TRIAD

FIFA-themed domain boom fuels wider scam ecosystem

World Cup fake 3
Many fake domains are tied to crypto scams, fake merch and fake betting platforms. Image: Guardio

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites

ADVERTISEMENT