Official MENA TECH logo<br>

New report: over 336 domains impersonate the official World Cup website

Editors Team

New report detected a cluster of at least 336 unique web domains engineered specifically to impersonate and mimic official World Cup resources. Following the official launch of the World Cup 2026 tournament on June 11, malicious actors have aggressively scaled up automated social engineering operations, leveraging fan excitement to extract liquid funds and hijack private personal datasets.

The mechanics of the active digital broadcast scams target the seasonal migration of millions of global viewers attempting to view live athletic metrics via internet-connected hardware. Threat actors structure high-fidelity phishing landing pages claiming to distribute uncompromised, free streaming channels covering active fixtures. Upon selecting the prominent Watch now prompt, consumers are directed through an automated data entry window requiring user registration.

The system then locks visual continuity, mandating that the user process a dedicated cryptocurrency payment to capture what the interface labels lifetime tournament access. The severe vector risk embedded within this specific scheme exposes target consumers to a double-layer compromise: the immediate, irreversible loss of cryptographic capital paired with the programmatic theft of profile registration credentials.

Concurrently, analysis tracked specialized betting traps leveraging look-alike score prediction boards. Security teams isolated a Spanish-language platform that mandates the entry of granular identifier data—including user first and last names, email vectors, and active telephone numbers—under the guise of routine digital account creation. These data harvest networks leave users highly vulnerable to systemic credential theft, especially across consumer sets that exhibit high password reuse tendencies across unrelated external digital profiles.

Beyond static URL landing traps, cybercriminals are maintaining heavy outbound email spam vectors to coerce targets into deploying manual wire transfers or engaging with bad tracking links. The inbound messages implement optimized subject lines and high-pressure language to build psychological engagement. In an analyzed case file, sports fans received targeted emails offering premium football analytics services and automated match winner probability distributions.

A core indicator of the cyber risk is the artificial construction of an intense sense of time urgency, forcing recipients to process immediate checkouts to lock in limited availability spots. The interface asks for a manual payment of A$200 to grant access keys to the data analytics group, exposing sports consumers to irreversible capital loss.

“Since the start of the tournament, scammers have increasingly focused on the ways fans engage with the event online, as watching matches today requires only an internet connection and a device,” explained Olga Altukhova, Senior Web Content Analyst at Kaspersky.  She adds: “As a result, criminal activity continues to grow, as reflected in the fraudulent websites we observe offering streaming and betting services in multiple languages. We recommend that users stick to official broadcasts to help protect their data and finances.”

THE BRIEF - Curated regional news every Monday
MENA TECH’s weekly newsletter keeps you updated on all major tech and business news.
By subscribing, you confirm you are 18+ years old, will receive newsletter and promotional content, and agree to our terms of use and privacy policy. You may unsubscribe at any time.
Read More
MENA TECH – The leading Arabic-language media platform for technology and business
MENA TECH – The leading Arabic-language media platform for technology and business
Copyright © 2026 MenaTech. All rights reserved.