FIFA 2026 World Cup: Top Cyber Threats

From June 11–19, 2026, the FIFA World Cup unfolds across 16 cities in the U.S., Canada and Mexico. This will be the largest sporting event in history. The event will also form the largest and most complex cyberattack surface sport has ever seen, spanning ticketing portals, transportation networks, streaming platforms, stadium IoT and sponsor networks.

Our report takes an activity-centric view of threats based on our underground observations. We map the most likely threats to four primary target categories: event participants, corporate sponsors, host city entities and essential tournament infrastructure.

Key takeaways:

• Phishing, ticketing impersonation and travel fraud are already targeting participants. We identified roughly 19,000 "fifa"-themed domains created since January 2026.
• Ransomware, data extortion and leak campaigns threaten sponsors, host cities and core infrastructure.
• Streaming fraud and piracy endanger media-rights revenue and expose fans to credential theft and malware.
• State-aligned actors and hacktivist collectives are expected to launch DDoS attacks against hotels, transport and host-city systems, echoing activity seen during the 2026 Winter Olympics.