Summary
Key Points:
- Over one-third (36%) of official partners associated with the FIFA World Cup 2026 lack adequate email security measures, exposing the public to increased risks of email fraud and domain impersonation.
- The absence of a strong DMARC (Domain-based Message Authentication, Reporting and Conformance) policy allows cybercriminals to exploit these vulnerabilities, potentially leading to social engineering scams targeting fans and customers during the event.
- Organizations are urged to implement stronger DMARC policies, particularly the "reject" setting, to proactively block fraudulent emails and protect their brand integrity.
Technical Details: The analysis revealed that while 96% of the examined domains have published a DMARC record, only 64% enforce the strongest "reject" policy, which prevents unauthenticated emails from being delivered. This indicates a significant gap in email security practices among partners.
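The difference between publishing a DMARC record and enforcing "reject" can be measured directly from the TXT records at `_dmarc.<domain>`. The following Python code is an added example, not part of the original analysis; the domains and records in `SAMPLE` are constructed, and the function names are illustrative.

```python
# Added example: classify DMARC TXT records by enforcement level.
# SAMPLE holds constructed data, not results from the analysis above.

def parse_dmarc(txt):
    """Return a dict of DMARC tags, or None if txt is not a DMARC record."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    if not parts or parts[0].replace(" ", "") != "v=DMARC1":
        return None  # RFC 7489: the v tag must come first
    tags = {}
    for part in parts[1:]:
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip().lower()] = value.strip()
    return tags

def classify(txt_records):
    """Map the TXT records found at _dmarc.<domain> to an enforcement level."""
    parsed = [t for t in map(parse_dmarc, txt_records) if t is not None]
    if len(parsed) != 1:
        return "missing"  # zero or multiple records: DMARC is not applied
    policy = parsed[0].get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "invalid"  # record exists but requests no usable policy
    return policy

def summarize(domains):
    """Return (% with a DMARC record, % at p=reject, per-domain levels)."""
    levels = {d: classify(r) for d, r in domains.items()}
    published = sum(1 for lvl in levels.values() if lvl != "missing")
    reject = sum(1 for lvl in levels.values() if lvl == "reject")
    total = len(levels)
    return round(100 * published / total), round(100 * reject / total), levels

# Constructed sample: TXT strings as a DNS lookup of _dmarc.<domain> would return them.
SAMPLE = {
    "sponsor-a.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@sponsor-a.example"],
    "sponsor-b.example": ["v=DMARC1; p=quarantine; pct=100"],
    "sponsor-c.example": ["v=DMARC1; p=none; rua=mailto:reports@sponsor-c.example"],
    "sponsor-d.example": [],  # no DMARC record published
    "sponsor-e.example": [" v=DMARC1 ; p=reject ; sp=reject "],
}

if __name__ == "__main__":
    published_pct, reject_pct, levels = summarize(SAMPLE)
    for domain, level in sorted(levels.items()):
        print(f"{domain:20} {level}")
    print(f"published: {published_pct}%  reject: {reject_pct}%")
```

The classification looks only at the `p` tag; `sp` and `pct`, which can weaken enforcement for subdomains or for a share of mail, are parsed but not scored.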
MITRE ATT&CK Techniques: None mentioned
IOCs Mentioned: None mentioned