The FBI’s Internet Crime Complaint Center issued a public service announcement on May 27 warning that cyber threat actors are actively spoofing FIFA’s official website as the 2026 World Cup approaches. The tournament, hosted across the United States, Canada, and Mexico, has become a magnet for scammers deploying lookalike domains designed to steal identities and hawk counterfeit tickets.
Cybersecurity firm Group-IB has identified over 4,300 fraudulent domains impersonating FIFA since August 2025.
How the scams work
Scammers register domains that look almost identical to fifa.com, banking on the fact that most people won’t notice a missing letter or an unusual domain extension.
Among the fraudulent domains the FBI specifically flagged: fiffa.com, fifa-com.com, jobs-fifa.com, fifa-hiring.com, and fifa-online.com. Some exploit typosquatting, where a single character swap catches users who mistype the URL. Others use alternative top-level domains like .org or .xyz to create sites that pass a casual glance test.
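As an added illustration (not code from the FBI, Group-IB, or FIFA), the Python sketch below shows how a defender could triage hostnames from proxy or DNS logs into the lookalike patterns described above. The category names, the `classify` and `edit_distance` helpers, and the control hostnames are assumptions made for this example.

```python
# Added example: flags lookalikes of one protected domain (fifa.com).
# Assumption: the registrable domain is taken as the last two labels,
# with no Public Suffix List lookup (so names under co.uk etc. are misread).
BRAND, OFFICIAL_TLD = "fifa", "com"

def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete, substitute, adjacent swap."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]

def classify(host: str):
    """Return 'official', a lookalike category to review, or None if unrelated."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return None
    sld, tld = labels[-2], labels[-1]
    if sld == BRAND:
        return "official" if tld == OFFICIAL_TLD else "tld-swap"
    if BRAND in sld.split("-"):
        return "brand-combo"      # brand joined to another word by a hyphen
    if edit_distance(sld, BRAND) == 1:
        return "typosquat"        # one character added, dropped, changed or swapped
    if BRAND in labels[:-2]:
        return "brand-subdomain"  # brand used as a subdomain of an unrelated domain
    return None

# Domains named in the FBI announcement quoted above.
FLAGGED = ["fiffa.com", "fifa-com.com", "jobs-fifa.com", "fifa-hiring.com", "fifa-online.com"]
# Constructed control cases that exercise the other branches; "fifa.xyz" is
# here only to trigger the TLD rule, not as a statement about who runs it.
CONTROLS = ["www.fifa.com", "fifa.xyz", "example.org"]

if __name__ == "__main__":
    for host in FLAGGED + CONTROLS:
        print(f"{host:18} {classify(host)}")
```

With a four-letter brand, distance-1 matches will also catch unrelated words, so the output is a list of candidates to review rather than a verdict.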













