Crypto-related fraud targeting FIFA World Cup fans has intensified ahead of the 2026 tournament, with U.S. authorities warning that scammers are using fake ticket offers, phishing websites, and cryptocurrency payment requests to steal money and personal data.
Summary
- U.S. authorities warned that scammers are targeting World Cup fans with fake ticket sales, phishing websites, and crypto payment requests ahead of the 2026 tournament.
- Law enforcement agencies said criminals are using AI-generated fake FIFA pages and typo-squatted domains to steal personal, financial, and login information.
- Binance reported blocking 22.9 million scam and phishing attempts in Q1 2026, while Chainalysis estimated crypto thefts reached $3.4 billion this year.
According to the Los Angeles County Sheriff’s Department, criminals are promoting counterfeit World Cup tickets, hospitality packages, merchandise deals, streaming subscriptions, and sports betting offers through websites and social media campaigns designed to mimic legitimate FIFA services.
The warning arrives as the United States, Canada, and Mexico prepare to host the 2026 FIFA World Cup, an event expected to attract millions of visitors. It also comes during a year in which cryptocurrency-related theft has already reached $3.4 billion, according to blockchain analytics firm Chainalysis.
Officials said one of the most common warning signs involves sellers requesting payment through cryptocurrency, wire transfers, gift cards, peer-to-peer payment apps, or other methods that are difficult to reverse once funds have been sent.
Residents were advised by the Sheriff’s Department to purchase tickets only through FIFA’s official channels and to avoid relying on links distributed through social media posts, messaging apps, text messages, or sponsored advertisements.
Fake FIFA websites are being used to harvest personal information
Security concerns extend beyond fraudulent ticket sales. According to the Sheriff’s Department, attackers are creating websites that closely resemble official FIFA pages in an effort to capture login credentials, payment information, and personal data.
Cybersecurity researchers cited by the department said artificial intelligence tools are making it easier for criminals to clone trusted brands and rapidly deploy convincing phishing campaigns.
Separately, the FBI Cyber Division recently warned about World Cup-themed phishing operations that use “typo squatting,” a tactic involving domain names that closely resemble legitimate websites but contain small spelling changes intended to deceive users.
Users who enter account details or payment information on those sites risk exposing sensitive data that can later be used for identity theft or financial fraud, according to law enforcement agencies.
Crypto users face growing phishing threats beyond World Cup scams
The latest alert follows several crypto-focused phishing campaigns reported in recent months.
As reported earlier by crypto.news, users have identified phishing emails that appear to originate from legitimate Google account systems. The reported scheme uses recovery contact request notifications containing malicious links hidden within the request details.
Researchers and affected users said the emails often resemble authentic Google security messages. In some reported examples, attackers used large amounts of blank space to push harmful content lower in the email, making the message appear legitimate when first opened.
The danger for cryptocurrency holders is particularly severe because stolen login credentials, session information, or two-factor authentication data can provide attackers with access to exchange accounts and digital assets.
Evidence of the growing threat has also emerged from major trading platforms. Earlier this year, crypto exchange Binance reported that its security systems blocked 22.9 million scam and phishing attempts during the first quarter of 2026, a 54% increase from the previous quarter. Binance said those measures helped protect approximately $1.98 billion in user funds.
For individuals who believe they have fallen victim to a scam, the Los Angeles County Sheriff’s Department recommends contacting local law enforcement, notifying financial institutions, preserving transaction records, and filing a report with the FBI’s Internet Crime Complaint Center.
