Chinese-speaking fraud gang could be stealing millions from 2026 World Cup fans
Cybercriminals have registered more than 4,300 fraudulent domains impersonating FIFA's official web presence since August 2025.
Chinese-speaking fraudsters have built a near pixel-perfect clone of FIFA's official website across more than 300 domains in an attempt to steal credentials and payment details from fans seeking tickets to the 2026 World Cup.
The operation — one of four independent campaigns detailed Wednesday by cybersecurity firm Group-IB — could put billions of dollars at risk when accounting for credential theft, fake ticket sales, counterfeit merchandise, fraudulent streaming sites and unlicensed gambling platforms, said the Singapore-based company.
The potential scale of the fraud mirrors the scale of the 2026 World Cup, which is set to be the largest edition of the tournament in history, with 48 teams competing across 104 matches in the United States, Canada and Mexico.
Source: https://therecord.media/chinese-speaking-fraud-gang-fifa-world-cup-scam
Related breach coverage
- Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes2026-05-29
GREYVIBE, a Russia-linked group active since 2025, targets Ukraine with AI-assisted malware and five attack chains. Researchers say it’s part spy op, part crime gang. Security firm WithSecure has been tracking a previously unknown Russian-linked APT group called GREYVIBE since at least August 2025. The group targets Ukraine and Ukrainian-related organizations across military, government, civilian, […]
- Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown2026-05-21
Apple 2025 fraud report shows major App Store protections: over 2M apps rejected, 1B fake accounts blocked, and billions in fraud prevented. Apple ‘s annual fraud prevention report for 2025 paints a striking picture of just how much effort goes into keeping the App Store clean. The numbers are significant: more than two million app […]
- Cyber espionage campaign targeted stock exchange executive’s Outlook account2026-06-03
Attackers spent five months silently stealing emails from a stock exchange executive’s Outlook account in a suspected espionage operation. A threat actor quietly sat inside a senior executive’s Outlook account at a major global stock exchange for roughly 150 days, from October 2025 to March 2026. Broadcom’s Symantec and Carbon Black threat-hunting team investigated the […]
- Google Patches Actively Exploited Android Flaw Affecting Millions of Devices2026-06-03
Google fixed 124 Android flaws, including CVE-2025-48595, an actively exploited privilege escalation bug linked to targeted attacks. Google has released its June 2026 Android security updates, fixing 124 vulnerabilities across the mobile operating system. One flaw, tracked as CVE-2025-48595 (CVSS score of 8.4) stands out from the rest because it is already being exploited in […]