As the 2026 FIFA World Cup approaches, cybercriminal activity is also increasing. A new report from Checkpoint Software shows that cyberattacks, fraud, ransomware and organized crime are already targeting everything from travelers and gambling companies to airports and hotels ahead of the world's biggest football tournament.
The 2026 FIFA World Cup is expected to attract millions of visitors and billions of television viewers worldwide. At the same time, it will create a unique environment where large payment flows, high activity and time pressure provide cybercriminals with new opportunities. According to Check Point's report, the number of fake FIFA and World Cup-related websites has and fraud campaigns increased sharply in the spring of 2026.

Financial services, travel and hospitality, and gambling and betting are particularly vulnerable. Within the travel and hospitality sector, 56 percent of the identified malicious domains target accommodation and travel services, where fans spend large sums of money ahead of the tournament. The report also shows that fraudsters are increasingly using fake ticket sales and booking sites to obtain payment details and personal data.
Companies involved in the championship are also at increased risk. Over a third of official partner companies lack sufficient protection against email spoofing, which increases the risk of so-called CEO fraud and false payment instructions. At the same time, the report points out that ransomware and cyberattacks against airlines, airports and hotels are already a growing problem globally. Even short-term disruptions during match days can have major consequences for travelers and critical societal functions.
In addition to traditional cybercrime, the report warns that increased tourism and international payments could be exploited for money laundering and human trafficking, while state-sponsored actors are expected to use denial-of-service attacks and AI-generated disinformation to disrupt and influence global attention surrounding the tournament.
“What is clear is that the threat landscape surrounding the 2026 FIFA World Cup is already both active and well-organized,” says Oskar Rödin, security expert at Check Point Software. Attackers are not waiting for the championship to begin. They have already built the infrastructure necessary to carry out cyberattacks, fraud and ransomware campaigns when trust is at its highest, time pressure is at its greatest and the eyes of the world are on the tournament.
Organizations therefore need to strengthen protections around identities, payment flows and mission-critical systems now. At the same time, supporters should stick to verified services, avoid fraudulent offers linked to cryptocurrencies and betting, and be vigilant against offers that seem too good to be true.
To read the full report, click here.








