Hackers Target Football Fans With Fake FIFA World Cup 2026 Giveaways

02.07.2026 2 minutes Author: Newsman
Cybercriminals are exploiting the excitement surrounding the 2026 FIFA World Cup to distribute the Voidrift malware. Their campaign uses highly personalized phishing emails promising free exclusive FIFA jerseys, and researchers say it has already managed to bypass several widely used corporate email security systems.

The attack begins with a convincing-looking email claiming that FIFA has partnered with the recipient’s employer to offer exclusive World Cup merchandise. Employees are invited to claim a branded FIFA World Cup 2026 jersey by downloading what appears to be a registration form.

Instead of a registration document, victims unknowingly install Voidrift malware on their devices. Once deployed, the malware gives attackers an initial foothold inside the corporate network, allowing them to steal sensitive data, spy on internal business activity, and compromise company accounts.

What makes the campaign particularly dangerous is its high level of personalization. Every email is tailored to its recipient, using the employee’s name and company name, while the image of the jersey even features the employer’s logo. This makes the phishing messages appear highly convincing.

Researchers also found that the campaign successfully bypasses three widely used email security gateways: Cisco IronPort, Microsoft ATP, and Abnormal Security. As a result, even organizations with modern email protection may fail to detect the malicious messages.

“The combination of convincing social engineering, targeted personalization, proven gateway bypass, and concealed payload makes this a high-priority threat requiring immediate attention,” the researchers said.

The researchers emphasize that organizations should not rely solely on automated email security tools. Employee awareness, careful inspection of suspicious emails, and promptly reporting potential phishing attempts remain essential defenses against attacks like this.

This is far from the first scam campaign linked to the 2026 FIFA World Cup. Even before the tournament began, researchers uncovered six separate fraud schemes, four independent threat actors, and more than 4,300 domains impersonating FIFA’s official website.

More recently, U.S. authorities seized nearly 400 domains that were illegally streaming World Cup matches, highlighting how cybercriminals continue to exploit the global sporting event through a wide range of malicious activities.

Subscribe
Notify of
0 Коментарі
Oldest
Newest Most Voted
Found an error?
If you find an error, take a screenshot and send it to the bot.