• Category: Security
  • Status: confirmed
  • Sources: FBI IC3 PSA260527
  • Summary: The FBI issued a public service announcement on 2026-05-27 warning that threat actors are operating spoofed FIFA websites ahead of the 2026 World Cup (June 11 to July 19). Group-IB tracked over 4,300 fraudulent FIFA domains registered since August 2025, along with banking malware hidden in pirate streaming apps and at least one operation that replicates FIFA's login page for account takeover. The active window is June 11 to July 19.
  • Why it matters: Developers running authentication, payment, or fan-facing web services should expect elevated credential-stuffing and phishing traffic during the tournament period; rotate shared credentials and verify MFA coverage.

Send feedback on this story