Suspicious

Phishings targeting FIFA World Cup

Suspicious and active websites

Phishings targeting Fifa

Suspicious and active websites

Active
4
New (7d)
3
Trend (7d)
↑200%
Website
fifa.com
About
AIEvent-driven phishing target around the 2026 World Cup (USA / Canada / Mexico). Lures impersonate official ticketing, hospitality packages, and FIFA recruitment ('careers' / 'HR') pages to harvest payment-card and personal data; bare fifa.<tld> look-alikes and worldcup-2026 ticket-resale domains are the recurring pattern (per the FBI IC3 PSA, May 2026).
Hosts
SEDO GmbH (2) · Weebly, Inc. (1) · Amazon.com, Inc. (1)
Countries
GermanyGermany (3) · United StatesUnited States (1)
TLS certs
Encryption Everywhere DV TLS CA - G2 (2) · E8 (1) · Amazon RSA 2048 M04 (1)

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

Last check (UTC) First seen (UTC) URL Screenshot Flags Details
2026-06-17 19:30 2026-06-17 18:01
http://worldcup2026fifa.awsapps.com
Screenshot of worldcup2026fifa.awsapps.com TweetFeed Details
2026-06-17 19:30 2026-06-17 18:01
http://fifa-careerhub.com
Screenshot of fifa-careerhub.com GSB TweetFeed Details
2026-06-17 19:30 2026-06-17 18:01
http://fifaworldcup-jobs.com
Screenshot of fifaworldcup-jobs.com TweetFeed Details
2026-06-17 19:30 2026-06-09 17:00
https://fifapointsps4.weebly.com
Screenshot of fifapointsps4.weebly.com PhishTank Details

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

URL Screenshot Details
http://worldcup2026fifa.awsap…
TweetFeed 		Screenshot of worldcup2026fifa.awsapps.com Details
http://fifa-careerhub.com
GSB TweetFeed 		Screenshot of fifa-careerhub.com Details
http://fifaworldcup-jobs.com
TweetFeed 		Screenshot of fifaworldcup-jobs.com Details
https://fifapointsps4.weebly.…
PhishTank 		Screenshot of fifapointsps4.weebly.com Details

AIHow to verify a real FIFA World Cup URL

  • Legitimate FIFA World Cup URLs always end in fifa.com (e.g. www.fifa.com, account.fifa.com). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not FIFA World Cup.
  • The padlock icon proves TLS is active, not that the site is safe. Free DV certificates are issued to attackers in minutes; every active site listed above has a valid TLS certificate.
  • If you got the link from email, SMS, or social media, do not click it. Open fifa.com from your browser bookmark or type the domain manually.
  • Real FIFA World Cup pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.