FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins

Researchers and the FBI report a large, active fraud campaign targeting World Cup 2026 fans: thousands of lookalike FIFA domains and phishing sites (including a cluster dubbed GHOST STADIUM), fake ticket and merchandise shops, and malicious streaming apps that install Android banking trojans (Massiv, Perseus). Credential-stealing families (Vidar, LummaC2, RedLine), reuse of ad tracking codes, crypto-only payment asks, and parked domains ready to activate indicate a high-scale operation with measurable financial impact; recommended mitigations include buying only via fifa.com, enabling MFA, avoiding sideloaded streaming apps that request accessibility access, and monitoring for FIFA-themed IOCs.