According to Crypto.news on June 4, U.S. law enforcement issued a warning ahead of the 2026 FIFA World Cup opening, saying scammers are attempting to steal fans’ funds and personal data through fake ticket sales, AI-generated FIFA impersonation pages, domain-hijacking phishing sites, and cryptocurrency payment demands. The FBI’s cyber division confirmed that some World Cup-themed phishing campaigns use a “domain hijacking” strategy, with spellings that are extremely similar to legitimate websites.
Verified Scam Tactics: Four Attack Patterns
The Los Angeles County Sheriff’s Office explained that the specific methods used by attackers include: websites and social media campaigns impersonating FIFA’s official services, promoting forged tickets, hospitality packages, merchandise transactions, streaming subscriptions, and sports betting promotions; AI tools being used to replicate trustworthy brand appearances and rapidly deploy phishing campaigns; domain-hijacking sites stealing users’ login credentials, payment information, and personal data; and requesting withdrawals through hard-to-reverse payment methods such as compulsory cryptocurrency use, wire transfers, gift cards, and point-to-point payment applications.
Official Recommendations From the Los Angeles County Sheriff’s Office
For official protection recommendations for 2026 World Cup fans:
Ticketing channels: Only buy tickets through FIFA’s official authorized channels
Avoid-link sources: social media posts, instant messaging applications, SMS, sponsored ads
Payment method warning signs: Requests to pay via cryptocurrency, wire transfer, gift cards, or point-to-point applications are the most common scam warning signals
If you’ve already been scammed: Contact local law enforcement, notify financial institutions, preserve transaction records, and file a report with the FBI’s Internet Crime Complaint Center (IC3)
Frequently Asked Questions
How is domain hijacking used in World Cup scams?
The FBI’s cyber division explained that domain hijacking refers to attackers registering domain names that are extremely similar to websites of legitimate organizations like FIFA, but with minor spelling differences—tricking users into entering account details or payment information on pages disguised as official, for subsequent identity theft or financial fraud.
How should Binance Q1 2026 attack interception data be interpreted?
Binance reported that its security systems intercepted 22.9 million instances of fraud and phishing attacks in the first quarter of 2026, up 54% from the previous quarter. The related measures helped protect approximately $1.98 billion in users’ funds. Chainalysis added that in 2026, the total amount of cryptocurrency-related thefts has already reached $3.4 billion.
Why are cryptocurrency holders high-risk targets for scams?
The Los Angeles County Sheriff’s Office stated that once cryptocurrency transactions are completed, they are typically irreversible, and stolen login credentials, session information, or two-factor authentication data may allow attackers to directly access exchange accounts, leading to losses of digital assets. The official guidance is to use only FIFA official channels and remain highly alert to any channels that demand cryptocurrency payments.
