🟠 High  |  Source: The Hacker News


Threat actors began building fraud infrastructure targeting the FIFA World Cup 2026 months before the tournament opened on 11 June, according to Check Point Research. The campaign spans at least ten languages and three sectors, indicating a highly coordinated, pre-planned operation. The scale and preparation time suggest significant risk to fans, sponsors, and organisations with any association to the event.

Security Architect’s Take: Review and tighten brand protection controls and domain monitoring for any organisational assets associated with FIFA 2026 — including ticketing, hospitality, and sponsor-related services. Ensure phishing simulation and user awareness programmes account for high-profile sporting event lures, and validate that cloud-hosted web properties have WAF and bot management controls in place.

Original advisory: What the Numbers Say About FIFA 2026 Cyber Risk