The Secretariat of Security and Citizen Protection and the Cyber Police of the Secretariat of Citizen Security of Mexico City have issued an alert due to the appearance of fake applications that promise live broadcasts of the FIFA World Cup 2026. The warning focuses on fraud and data theft committed through platforms that simulate being official services.
The warning comes at a time of high demand for sports broadcasts, a context that cybercriminals exploit to spread websites and applications that copy logos, names, and visual identity of legitimate platforms. The paradox is that the lure of quick and free access to the tournament can end up giving the user access not to the match, but to the theft of their credentials or control of their device.
Fake apps ask for access to contacts, camera, and mobile files
After installation, these applications may request excessive permissions that are unrelated to simply viewing content. These include access to contacts, files, camera, microphone, or even system functions.
With these permissions, attackers can steal banking credentials and monitor device activity. They can also integrate the terminal into botnets for illicit activities.
The deception usually relies on the design of platforms that imitate recognizable elements of official services. This appearance seeks to lower user suspicion and facilitate both the download and the surrender of personal data.
Cyber Police asks to use only official stores and check the developer
Among the recommendations provided by the authorities is to download applications only from official stores. They also ask not to access links sent by third parties or to enter unverified sites that offer supposed World Cup broadcasts.
Before installing any app, authorities advise checking the authenticity of the developer and reviewing ratings and comments from other users. To this, they add another basic guideline, which is to distrust services that promise exclusive or paid broadcasts for free.
In addition, they recommend not granting unnecessary permissions and keeping the device's operating system updated. The alert includes the use of security tools to reduce the risk of infection or unauthorized access.
Another area of risk is in files and applications shared via social networks or instant messaging services. Authorities also ask not to enter personal or banking data or passwords on suspicious platforms.