World Cup 2026 Mobile Targeted Phishing: The Global Social Engineering Threat

Description

Threat intelligence has uncovered a significant increase in digital scams and phishing campaigns exploiting the FIFA World Cup 2026, specifically targeting mobile users. Three primary attack campaigns have been identified: The first uses typosquatting and institutional spoofing with fake domains like fifa-tickets[.]vip to deceive ticket buyers. The second mimics major sports retailers such as Nike and Adidas, hiding infrastructure behind Cloudflare to steal payment credentials. The third campaign, dubbed OffsideHire, exploits tournament hiring through sophisticated recruitment fraud using an Adversary-in-the-Middle platform targeting corporate Google Workspace accounts with real-time MFA bypass capabilities. These campaigns leverage emotional urgency, ticket scarcity, and mobile device usage patterns to bypass traditional security controls, posing risks to both individuals and enterprise environments through credential harvesting and session hijacking.