ThaiCERT warns of FIFA World Cup 2026 fake sites and malware apps
The agency says fraudsters are using fake FIFA-style websites, bogus tickets and unauthorised streaming apps to steal user data.
- ThaiCERT has detected fake websites impersonating the official FIFA site to steal personal and financial information, such as FIFA ID credentials and payment card details.
- Scammers are distributing unauthorized streaming applications that contain malware designed to steal sensitive data, take control of devices, and access user accounts.
- The fraudulent schemes also include the online sale of fake match tickets and counterfeit souvenirs to exploit football fans' interest.
- The agency warns that many scam domains have been registered to appear credible, aiming to facilitate account takeovers and data theft.
The Thailand Computer Emergency Response Team (ThaiCERT) has issued a warning to members of the public, internet users, agencies and organisations to exercise greater caution over online scams impersonating the FIFA World Cup 2026, which is scheduled to be held between Thursday (June 11, 2026) and Sunday (July 19, 2026) in the United States, Canada and Mexico.
Fraudsters exploit World Cup interest with fake data-harvesting sites
ThaiCERT said it had begun detecting activity by scammers exploiting interest among football fans worldwide by creating fake websites that imitate FIFA’s official website, tricking users into entering their FIFA ID account details, as well as payment card information and other personal data.
It also found scams selling fake match tickets and counterfeit souvenirs through online platforms, as well as the spread of unauthorised streaming applications that carry malware that could be used to steal sensitive data, take control of devices, or gain access to victims’ user accounts.
Fake FIFA-style websites designed to seize user accounts
The report also said many domains linked to the FIFA World Cup 2026 had been detected and could be used as tools for scams.
Some websites were designed to closely resemble the official site to appear credible and deceive victims.
If users inadvertently enter login credentials or financial information on fake websites, malicious actors could take over their accounts, steal tickets linked to the accounts, sell the data on the black market or use the information as a channel to expand into other forms of cyberattack.
Public urged to avoid illegal apps and risky links
ThaiCERT advised people to verify websites every time before carrying out transactions, avoid downloading applications from untrusted sources and not click links sent via messages or social media without carefully checking their origin.
It also said users should enable multi-factor authentication (MFA) and closely monitor irregularities in online accounts and financial transactions to prevent possible damage from cyber threats during the 2026 World Cup.
