The FBI's Internet Crime Complaint Center warned on May 27, 2026 that threat actors are spoofing FIFA websites ahead of the 2026 FIFA World Cup. The warning focuses on lookalike websites that can pose as FIFA pages, collect personal or banking information, and sell fake World Cup tickets or hospitality products.
If you are looking for tickets, hospitality, event information, a FIFA login, or a FIFA-related job page, the first safer step is to go directly to FIFA.com, FIFA.com/tickets, or FIFA.com/hospitality instead of relying on a search ad, sponsored result, social post, email, text, or unfamiliar link.
The warning is about spoofed or lookalike websites. It does not state that FIFA.com was hacked, that official FIFA ticket pages are unsafe, or that the FBI has confirmed a public victim count or loss total for this alert.
What the FBI alert confirms
- Alert: IC3 Public Service Announcement I-052726-PSA, issued May 27, 2026.
- Scam pattern: spoofed FIFA domains, typo-squatting, fake ticket or hospitality pages, and phishing-style information collection.
- People most likely to run into it: World Cup fans, ticket buyers, hospitality buyers, FIFA account users, job seekers, and people searching for FIFA pages.
- Main risk: personal information, payment details, account credentials, or money may go to a fake site instead of an official FIFA path.
- First safer step: type the official FIFA address yourself or use a bookmark, then navigate from the official site.
- Limit: the PSA does not report a confirmed victim count or loss total.
What the FBI warned about
The IC3 PSA says threat actors are creating deceptive versions of FIFA-related websites. According to the FBI, these pages may use branding, product listings, or domain names that look close enough to make a visitor think they are interacting with an official FIFA page.
The FBI says the activity is being used to collect personally identifiable information, gather banking information, sell fake World Cup tickets and hospitality products, and possibly support other malicious activity. The PSA also says the FBI expects additional fake domains to appear leading up to and during the tournament.
The examples in the PSA include altered top-level domains, misspellings, fake ticket domains, fake career domains, and domains that visually imitate FIFA.com. A domain can contain the word FIFA, tickets, jobs, career, World Cup, or 2026 and still be unaffiliated with FIFA.
Domains the FBI named in the alert
The FBI listed the following as examples of domains already identified. They are shown here in defanged form, using [.] instead of a live dot. Do not type or visit them.
Pattern
FIFA with unusual domain endings
Domains shown in the FBI alert
www.fifa[.]cab, www.fifa[.]pink, www.fifa[.]blue, www.fifa[.]pub, FIFA[.]city, Fifa[.]bio, fifa[.]beer, fifa[.]click, fifa[.]cam, fifa[.]ceo, fifa[.]help
Pattern
Misspellings and FIFA.com lookalikes
Domains shown in the FBI alert
filfa[.]org, fifa-online[.]com, wvvw-fifa[.]com, ww-fifa[.]com, fifa-com[.]com, www.fifa-com[.]services, www.fifa2026p[.]com, fifa2026fworldcup[.]com
Pattern
Career and hiring wording
Domains shown in the FBI alert
jobs-fifa[.]com, fifa-hr[.]com, fifa-careerhub[.]com, fifaworldcup-careers[.]com, fifa-hiring[.]com, fifahiring[.]com
Pattern
Ticket and sales wording
Domains shown in the FBI alert
fifa-ticket[.]live, worldcup2026-tickets.com[.]mx, worldcup26ticket[.]com, 2026fifaworldcuptickets[.]online, fifaworldcup26[.]sale, fifastore.us[.]com
Pattern
World Cup 2026/event-style domains and hosted pages
Domains shown in the FBI alert
https://fifa-2026[.]xyz, fwc2026[.]net, fwc2026.web[.]app, fifaworldcup26.xcover-staging[.]com, quiniela-fifa-2026.pages[.]dev
| Pattern | Domains shown in the FBI alert |
|---|---|
| FIFA with unusual domain endings | www.fifa[.]cab, www.fifa[.]pink, www.fifa[.]blue, www.fifa[.]pub, FIFA[.]city, Fifa[.]bio, fifa[.]beer, fifa[.]click, fifa[.]cam, fifa[.]ceo, fifa[.]help |
| Misspellings and FIFA.com lookalikes | filfa[.]org, fifa-online[.]com, wvvw-fifa[.]com, ww-fifa[.]com, fifa-com[.]com, www.fifa-com[.]services, www.fifa2026p[.]com, fifa2026fworldcup[.]com |
| Career and hiring wording | jobs-fifa[.]com, fifa-hr[.]com, fifa-careerhub[.]com, fifaworldcup-careers[.]com, fifa-hiring[.]com, fifahiring[.]com |
| Ticket and sales wording | fifa-ticket[.]live, worldcup2026-tickets.com[.]mx, worldcup26ticket[.]com, 2026fifaworldcuptickets[.]online, fifaworldcup26[.]sale, fifastore.us[.]com |
| World Cup 2026/event-style domains and hosted pages | https://fifa-2026[.]xyz, fwc2026[.]net, fwc2026.web[.]app, fifaworldcup26.xcover-staging[.]com, quiniela-fifa-2026.pages[.]dev |
This is not a complete blocklist. The FBI said new websites may continue to appear leading up to and during the tournament.
How a fake FIFA site may appear
The visible pattern is a website, ad, search result, or link that borrows FIFA language while sending the visitor to a domain that is not the official FIFA site. The page may look polished enough to feel routine, especially if the visitor is already trying to buy tickets or check event information.
- A domain that uses FIFA with a different ending, extra word, hyphen, misspelling, or country-style variation.
- A ticket or hospitality page that looks official but does not sit on FIFA.com or a FIFA ticketing path reached from FIFA.com.
- A sponsored search result or social media link that displays FIFA-related wording but redirects somewhere else.
- A fake career or hiring page that uses FIFA, World Cup, 2026, jobs, HR, hiring, or career wording.
- A page that asks for personal information, card details, banking information, account login, or a payment before you can verify the path independently.
Why it can look believable
World Cup ticket searches are already high-pressure. People expect limited inventory, changing sales windows, hospitality packages, mobile ticketing, resale options, and country-specific event information. A fake site can exploit that uncertainty by appearing at the exact moment someone is trying to move quickly.
The domain is the critical detail. A real-looking logo, professional layout, countdown, checkout form, or FIFA-related wording is not proof that the page belongs to FIFA. The safer test is whether you reached the page from FIFA.com, FIFA.com/tickets, FIFA.com/hospitality, the FIFA app, or a FIFA support path you opened directly.
Official paths to check first
For tickets, FIFA's ticketing support pages point fans to FIFA.com/tickets as the official and preferred sales hub. FIFA's resale guidance also says tickets bought outside FIFA.com/tickets are considered unofficial channels and may involve fraud, scams, invalid tickets, or cancellation risk.
The FTC's World Cup consumer alert says remaining tickets are sold through FIFA.com/tickets and the FIFA app, while resale tickets are available through FIFA's Resale/Exchange Marketplace and third-party resale platforms. That does not mean every third-party listing is automatically fake. The practical point is to check the official FIFA path first and understand buyer protections before using a third-party reseller.
FIFA's ticketing email support page lists no-reply.fwc26@tickets.fifa.org and noreply@mail.tickets.fifa.com as email addresses fans may add to permitted contacts. If a message uses a different sender, asks for unusual payment, or points to a domain that does not match an official path, verify through FIFA.com before responding.
FIFA's stadium ticket-office support page says tickets are not sold or collected at Stadium Ticket Offices or Ticket Resolution Points, and that support is for tickets bought through official sales channels, including FIFA.com/tickets and the FIFA Resale/Exchange Marketplace. That is useful if a suspicious page claims stadium pickup, local ticket-office purchase, or help with unofficial tickets.
Check these before you click, pay, log in, or enter information
Use these checks before treating a FIFA-looking page, email, ad, or ticket offer as real.
Start from the official address.
Type FIFA.com, FIFA.com/tickets, or FIFA.com/hospitality yourself. For subdomains, navigate from the official FIFA homepage when possible.
Read the whole domain, not just the brand word.
A domain can include FIFA or World Cup wording and still be fake if the ending, spelling, extra words, or structure do not match the official path.
Treat sponsored results and social links as unverified.
The FBI specifically warns that paid imitators may appear in sponsored search results, and the FTC warns that fraudsters can use paid search or social media to drive people to copycat sites.
Check ticket delivery claims.
The FTC says most tickets will be delivered electronically through the FIFA app and warns that someone selling paper tickets or screenshots is likely a scammer.
Do not enter details while uncertain.
Stop before entering a password, one-time code, card number, banking information, home address, or passport-style identity details on a page you cannot verify.
If the only way to complete the offer is to use the suspicious link, that is a reason to stop and verify elsewhere.
If you already used a fake FIFA site
The next step depends on what changed. Start with payment, account, identity, or download risk before spending time on a general report.
What happened
You found a suspicious page but did not use it
First move
Do not enter anything. Save the URL and a screenshot if you plan to report it, then open FIFA.com or FIFA.com/tickets directly.
What happened
You clicked but entered nothing
First move
Close the page and check for downloads, permission prompts, browser notifications, apps, extensions, or profiles. Verify event details from FIFA.com.
What happened
You entered personal or payment information
First move
Contact the relevant bank, card issuer, payment provider, or account provider. Save the fake domain, screenshots, receipts, and transaction records.
What happened
You entered a password or one-time code
First move
Change the password from the real site, turn on multi-factor authentication where available, review account activity, and change reused passwords.
What happened
You paid for tickets or hospitality
First move
Contact the payment provider or bank immediately. Preserve the domain, receipt, seller name, amount, payment method, and any wallet address if crypto was involved.
What happened
You downloaded something or allowed a prompt
First move
Remove unknown downloads, apps, extensions, profiles, or permissions. Update the device and review related account sign-ins.
What happened
You already reported it
First move
Keep report IDs and case numbers. Reporting does not replace bank, payment, account, or identity steps if those still apply.
| What happened | First move |
|---|---|
| You found a suspicious page but did not use it | Do not enter anything. Save the URL and a screenshot if you plan to report it, then open FIFA.com or FIFA.com/tickets directly. |
| You clicked but entered nothing | Close the page and check for downloads, permission prompts, browser notifications, apps, extensions, or profiles. Verify event details from FIFA.com. |
| You entered personal or payment information | Contact the relevant bank, card issuer, payment provider, or account provider. Save the fake domain, screenshots, receipts, and transaction records. |
| You entered a password or one-time code | Change the password from the real site, turn on multi-factor authentication where available, review account activity, and change reused passwords. |
| You paid for tickets or hospitality | Contact the payment provider or bank immediately. Preserve the domain, receipt, seller name, amount, payment method, and any wallet address if crypto was involved. |
| You downloaded something or allowed a prompt | Remove unknown downloads, apps, extensions, profiles, or permissions. Update the device and review related account sign-ins. |
| You already reported it | Keep report IDs and case numbers. Reporting does not replace bank, payment, account, or identity steps if those still apply. |
For deeper next steps, use ScamClarity's pages on phishing links and fake logins, personal-information exposure, or phone and account changes based on what happened.
Where to report or verify
Use the reporting path that matches what happened. Reporting the fake domain is useful, but payment, account, and identity steps may be more time-sensitive if information or money already moved.
- Report the fake website and internet-enabled fraud to IC3.gov. The FBI asks for the fake domain, a description of your interaction, information you provided, and transaction details when available.
- Report consumer fraud to ReportFraud.ftc.gov, especially if the issue involves a ticket offer, fake seller, copycat website, or payment request.
- Contact your bank, card issuer, payment app, marketplace, or crypto platform directly if payment details were entered or money was sent.
- Verify ticket status, ticketing emails, resale questions, and support needs through FIFA.com, FIFA.com/tickets, the FIFA app, or FIFA ticketing support pages opened directly.
- Use IdentityTheft.gov if sensitive identity information may have been misused or identity-theft signs appear.
Related ScamClarity guidance
Use the more specific page when the fake FIFA site led to a click, payment, exposed information, account concern, or travel-related verification problem.
A fake login page, suspicious link, or account-password concern
Use this when the main risk is a phishing page, fake login, password, one-time code, or suspicious link behavior.
Check phishing stepsA fake domain or website needs to be reported
Use this when you need to save a URL, preserve evidence, and choose the right reporting path for a scam website.
Report a scam websitePersonal, payment, login, or identity details were entered
Use this when the fake page may have your contact details, card number, bank details, password, ID, or other sensitive information.
If a scammer has your informationA click led to downloads, prompts, or account changes
Use this when the concern is whether a phone, browser, app, login, or account changed after visiting the page.
Check phone or account changesYou are comparing a ticket checkout page or unfamiliar seller
Use this before entering card details on an unfamiliar checkout or seller page.
Check the store before you pay onlineThe issue includes travel bookings, documents, or trip planning
Use this if the World Cup-related offer moves into hotels, visas, travel documents, QR codes, public Wi-Fi, or booking payments.
Review travel scam safetySources checked June 1, 2026
Sources were used for the official alert, FIFA ticket-verification paths, consumer-protection guidance, and reporting routes.
- FBI IC3 PSA I-052726-PSA
Main source for the May 27, 2026 warning about spoofed FIFA websites, typo-squatting examples, personal-information risk, fake tickets and hospitality products, and IC3 reporting details.
- FIFA ticketing support: outside FIFA.com/tickets
Official FIFA ticketing support for the recommendation to use FIFA.com/tickets and the risk of fake or invalid tickets from unofficial sources.
- FIFA ticketing support: resale-ticket risks
Official FIFA ticketing support for unofficial resale risk, the FIFA Resale/Exchange Marketplace, and ticket-validity limitations.
- FIFA ticketing support: email communication
Official FIFA ticketing support for ticketing email-address checks and direct verification when an email is uncertain.
- FIFA ticketing support: stadium ticket offices
Official FIFA ticketing support for the statement that stadium ticket offices and ticket resolution points do not sell or collect tickets and support official-channel purchases.
- FTC World Cup scam guidance
Consumer-protection guidance on FIFA ticket paths, resale considerations, copycat websites, paid search/social media lures, FIFA app ticket delivery, and FTC reporting.
- IC3.gov
Official FBI internet crime reporting path for fake websites, online fraud, losses, and transaction details.
- ReportFraud.ftc.gov
Official FTC reporting path for consumer fraud, copycat websites, fake sellers, and suspicious ticket offers.
- IdentityTheft.gov
Official identity-theft recovery path when sensitive identity information may have been misused.