216.73.216.86

World Cup 2026 Mobile Targeted Phishing: The Global Social Engineering Threat

· Published 11/06/2026 23:09 · Modified 15/06/2026 19:16

Export JSON

Essential information

Published
11/06/2026 23:09
Modified
15/06/2026 19:16
Source / Author
AlienVault
Confidence
100/100
Report type(s)
threat-report
Labels / Tags
aitm credential harvesting fifa world cup 2026 google workspace mfa bypass mobile phishing social engineering typosquatting mobile targeting phishing world cup 2026
Tags
2026-06-11 aitm credential harvesting fifa world cup 2026 google workspace mfa bypass mobile phishing mobile targeting phishing social engineering typosquatting world cup 2026
Related entities
5 indicators, 5 observables, 28 techniques (mitre), 8 others

Description

Threat intelligence has uncovered a significant increase in digital scams and campaigns exploiting the , specifically targeting mobile users. Three primary attack campaigns have been identified: The first uses and institutional spoofing with fake domains like fifa-tickets[.]vip to deceive ticket buyers. The second mimics major sports retailers such as Nike and Adidas, hiding infrastructure behind Cloudflare to steal payment credentials. The third campaign, dubbed OffsideHire, exploits tournament hiring through sophisticated recruitment fraud using an Adversary-in-the-Middle platform targeting corporate accounts with real-time capabilities. These campaigns leverage emotional urgency, ticket scarcity, and mobile device usage patterns to bypass traditional security controls, posing risks to both individuals and enterprise environments through and session hijacking.

External references