Cyber Security Threats During FIFA World Cup

On June 3, 2026, the Canadian Centre for Cyber Security (the Centre) released a cyber threat bulletin (the Bulletin) outlining cyber threats facing individuals and organizations during the FIFA World Cup 2026 (the World Cup). The Centre notes that the tournament’s global visibility and broad attack surface, including digital systems, involved businesses and supply-chain partners, make it a high-profile target for cybercriminals and state-sponsored actors.

The Bulletin groups identified cyber threats into the following three categories:

1. Cyber Threats to Individuals. The Bulletin states that cybercriminals are the primary threat to patrons and spectators, and will exploit public interest in the World Cup through phishing and social engineering campaigns. These campaigns may use event-related lures, such as travel discounts, sports-betting opportunities, or fraudulent offers for merchandise or tickets to steal financial and personal information.

The Bulletin also emphasizes the threat posed by SMS blasters deployed near World Cup events. These portable devices can send large volumes of “smishing” messages containing malicious links to nearby cellphones to harvest credentials, personal information or financial information from victims.

2. Cyber Threats to Organizations, Businesses and Governments. The Bulletin notes that cyber threat actors may exploit heightened public attention and reputational stakes associated with the World Cup to advance their financial, ideological, or geopolitical objectives. Organizations associated with the tournament will likely face increased cyber activity with potential targets including hotels, airlines, venues and service providers.

Among the key threats identified, the Bulletin notes ransomware, distributed denial-of-service and defacement attacks are particularly relevant for organizations associated with the World Cup. It also warns that state-sponsored actors may conduct disruptive cyber activity against the World Cup, particularly where a host nation is involved in or aligned with a party to a geopolitical conflict.

3. Disinformation and Influence Activity. The Bulletin warns that cyber threat actors will likely use deceptive AI-generated content in influence campaigns to undermine institutions and sow doubt and division.

The Centre concludes that awareness and cybersecurity best practices can mitigate many of these threats, and encourages individuals and organizations to take protective measures.

Summary By: Uday Bahal