Domains created to take advantage of the FIFA Club World Cup 2025 in the United States were recently found. It’s a sign of what’s to come for the big one – the 2026 World Cup.
According to PreCrime Labs, the threat research team at BforeAI, a cybersecurity company specializing in proactive threat prevention, many domains used this year have already been registered for the FIFA World Cup 2026.
“This highlights two key tactics used by attackers: they either repurpose old domains for new campaigns or register new ones well in advance,” said the researchers.
“By ‘aging’ these domains for a year or more, attackers can better avoid detection and improve their success rates as the event nears. We even discovered domains registered for the FIFA tournaments in 2030 and 2034.”
In their report, PreCrime says it has analyzed a set of 498 domains that contain FIFA, football (soccer), and World Cup-related brand terms (e.g., “worldcup,” “fifa,” “football”).
These domains span a mix of obvious trademark typosquats, speculative registrations, generic fan, merchandise, and betting names, and community or amateur-football sites.
In one example, researchers found a domain with a page title that says “FIFA world cup schedule” to lure users searching for official match information. When they visit the site, they are met with a betting page.
This is a common trend observed around mega sporting events, where adversaries abuse trending keywords to maximize search visibility and social media spread.
The page content is in Mandarin Chinese, but FIFA and official broadcasters don’t actually use such channels for promotions. Prominent use of celebrity pictures and “official partner” keywords are used to establish legitimacy, which is not verifiable with FIFA’s actual sponsor list.
Claims like “ 巴 西 圣 保 罗 ” (Brazil São Paulo official partner) are used, but in Mandarin, to enhance credibility.
Another webpage promotes an “EV Map for World Cup 2026,” claiming to help traveling fans find hotels and restaurants with EV chargers. In fact, the campaign obviously aims to collect personally identifiable information through a B2B phishing scheme.
Unsurprisingly, the most typical scams associated with large sporting events are websites with prominent call-to-action buttons to “Buy Tickets,” a classic high-risk lure for financial fraud.
In this case, fake branding elements, especially those of payment partners (VISA), flags, and FIFA logo lookalikes, were strategically added to the domains.
Unsurprisingly, the most typical scams associated with large sporting events are websites with prominent call-to-action buttons to “Buy Tickets,” a classic high-risk lure for financial fraud.
Major events tournaments such as global soccer events or huge concert tours predictably trigger spikes in fraud infrastructure: fake ticketing, counterfeit merchandise, unlawful streaming, betting lures, and generic “fan guide” pages used as lead-gen or phishing launchpads.
And the FIFA World Cup is undoubtedly the largest one out there. In 2022, when the tournament was held in Qatar, it engaged five billion fans across all media, FIFA said.
Your email address will not be published. Required fields are markedmarked