Fans scrambling for 2026 FIFA World Cup tickets face a growing threat online: the FBI has identified 36 spoofed websites designed to mimic FIFA’s official domain and steal payment information. The warning, issued by the FBI’s Internet Crime Complaint Center on May 27 under Alert Number I-052726-PSA, lands just days before the tournament’s opening match on Thursday. The agency’s advice is blunt: type fifa.com directly into the browser address bar and avoid clicking links from search results, ads, or emails.
Why 36 fake FIFA sites surfaced right before kickoff
Scammers follow the money, and few events concentrate global consumer spending like a World Cup. The IC3 alert describes how threat actors register domains that closely resemble FIFA’s official web address, a technique known as typo-squatting. A buyer who mistypes a single character or clicks a promoted search result can land on a page that looks authentic but exists solely to harvest credit card numbers and personal data.
This is not an isolated tactic. The FBI issued a separate advisory documenting the same playbook against its own IC3 website, where criminals registered lookalike domains using alternative top-level domain extensions. That alert specifically told users to type the official URL directly into the browser and to skip sponsored search results entirely. A third IC3 bulletin, focused on fake employee self-service portals, detailed how fraudulent search-engine advertisements can appear above legitimate results, routing victims to phishing copies before they realize the address is wrong.
The pattern across all three advisories is consistent: attackers buy domains that differ by one letter, swap a “.com” for a “.org” or “.net,” and then bid on search ads so their fake pages rank higher than the real ones. The World Cup simply gives them a massive, time-sensitive audience willing to pay hundreds of dollars in a hurry.
How the IC3 documented the FIFA spoofing campaign
The IC3 public service announcement titled “Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup” lists 36 examples of domains that impersonate the official FIFA site. These are not hypothetical risks. Each domain was identified and catalogued by the FBI before publication, giving the agency enough evidence to issue a formal public warning.
The alert does not disclose how many consumers have already lost money, nor does it specify which of the 36 domains are still active versus seized. FIFA itself has not released any public statement on ticket-fraud volume tied to these spoofed sites. What the IC3 does provide is a clear description of the mechanics: typo-squatted URLs, convincing page designs, and checkout flows that capture card details without delivering any ticket.
The FBI’s recommended defenses are simple. Buyers should never follow a link from an email, text message, or social media post claiming to sell World Cup tickets. Instead, they should manually type fifa.com into the browser bar every time. Bookmarking the official page is another option the agency endorses. If a deal appears in a search ad, the FBI says to ignore it and go directly to the known address.
Unanswered questions about the FIFA ticket fraud campaign
Several gaps remain in the public record. The IC3 announcement does not say whether the 36 identified domains are controlled by a single group or multiple unrelated actors, nor does it detail how long the spoofed sites have been live. There is also no breakdown of which countries the victims reside in, what payment processors were abused, or whether law enforcement has moved to seize any of the domains. Without those details, it is difficult for consumers to gauge the full scale of the operation.
Another open question is how effectively search engines and ad platforms are policing the problem. Previous IC3 reporting on fake payroll portals highlighted how malicious advertisers can briefly outrank legitimate sites, even when users search for an exact brand name. The World Cup ticket rush creates similar incentives: criminals need only keep their fraudulent ads online long enough to capture a wave of impulsive purchases before platforms detect and remove them.
The advisory also does not address potential knock-on risks beyond stolen card data. Victims who submit passports, national IDs, or account logins to verify ticket purchases could face identity theft or account takeover long after they realize the tickets are fake. For now, the FBI is focusing its public messaging on basic hygiene: verify the URL, distrust unsolicited offers, and report suspected fraud quickly.
What fans should do if they suspect a fake FIFA site
For consumers, the practical steps are straightforward but time-sensitive. Anyone who believes they entered payment information on a spoofed ticket site should contact their bank or card issuer immediately to dispute charges and request new credentials. They should also monitor statements for small “test” transactions that can signal broader fraud. If personal identification documents were uploaded, placing fraud alerts with credit bureaus and watching for new account openings becomes critical.
The FBI urges victims and near-victims alike to file complaints through its online IC3 portal, including the exact domain name, dates of contact, and any payment records. Detailed reports help investigators map connections between spoofed sites, advertising campaigns, and underlying threat actors. Over time, that data can support takedown efforts and inform sharper public warnings ahead of future global events.
With kickoff approaching, the core message from federal investigators is to slow down. World Cup tickets are scarce, emotions are high, and criminals are counting on fans to click first and check later. Typing fifa.com by hand, double-checking every URL, and ignoring too-good-to-be-true offers may feel tedious in the moment, but those small habits are the main line of defense against a wave of fraud built to exploit the world’s biggest game.
David M. Keller is a finance writer based in Columbus, Ohio, covering personal finance and consumer-focused economic topics. He earned his degree in journalism from Ohio University and began his career reporting on local business and economic trends for a regional media outlet. Since then, he has contributed to a variety of online publications, focusing on clear, practical coverage of topics such as cost of living, debt, and everyday financial decision-making.
