Dear Readers,

There is an old lesson from the world of espionage: if you control the gate, you control the people moving through it.

During my years working undercover in the FBI, I learned that the most successful spies rarely force their way through a locked door. Instead, they create the illusion of legitimacy. A forged credential. A borrowed identity. A fake checkpoint. The victim walks through willingly because everything looks authentic.

This week’s title story, The Fake World Cup Gate, explores how cybercriminals are using the same playbook to target fans preparing for the 2026 FIFA World Cup. The fake gate no longer sits at the entrance to a secure facility. It appears in a search result, a sponsored advertisement, or a website dressed in official colors and logos.

The lesson extends far beyond soccer. As you’ll see in this week’s Cybersecurity Tip, many of the most effective scams begin when we trust a gate we never stopped to verify.

And don’t miss this week’s AI Trend of the Week. While Silicon Valley, Washington, and military planners continue debating artificial intelligence, a surprising new voice has entered the conversation. The Vatican has released the first major Catholic teaching dedicated entirely to AI, arguing that the most important questions surrounding artificial intelligence are not technical at all—they are deeply human.

As always, thank you for spending part of your week with me. Now let’s talk about gates, trust, deception, and why the oldest tricks in the spy’s playbook are still working in the digital age.

Every spy operation begins with a gate.

Sometimes it’s a security checkpoint. Sometimes it’s a credential. Sometimes it’s simply a door separating insiders from outsiders. Whatever form it takes, the gate serves a single purpose: controlling access.

The best spies understand something most people never consider. If you can control the gate, you can control the people moving through it.

This week, the FBI warned that criminals are already building fake gates for the 2026 FIFA World Cup. Not physical gates at stadium entrances, but digital ones designed to look every bit as convincing as the real thing.

Picture a father planning a once-in-a-lifetime trip for his family. The World Cup is coming to North America. Tickets will be scarce. Prices will be high. Excitement is already building.

He sits down at his computer and searches for World Cup tickets.

Near the top of the results is a website covered in FIFA logos and tournament branding. The site looks polished, professional, and legitimate. There are photographs of packed stadiums, countdown timers, and promises of limited availability.

Without realizing it, he has already stepped through the gate.

According to a recent FBI warning, cybercriminals are creating websites that impersonate official FIFA properties in advance of the 2026 World Cup. These counterfeit sites are designed to collect personal information, sell fake tickets and hospitality packages, and potentially gather enough data to facilitate broader identity theft and financial fraud.

The mechanics are surprisingly simple. Criminals register domains that look almost identical to legitimate websites. They use alternate domain endings, copy official graphics, purchase advertisements, and manipulate search results to place fraudulent websites directly in front of eager fans.

Some advertise tickets. Others offer hospitality packages, travel opportunities, merchandise, or employment connected to the tournament. Every variation relies on the same psychological weapon: urgency.

The victim believes they are moving quickly because demand is high. In reality, speed is exactly what prevents them from stopping long enough to verify what they’re seeing.

That is why this story isn’t really about soccer or even cybersecurity. It’s about human psychology.

Every successful spy operation, confidence scheme, and social engineering attack follows a familiar formula. First, the attacker borrows authority. Then they create urgency. Finally, they push the victim before skepticism has time to catch up.

The criminals targeting World Cup fans are using the same playbook. The only difference is that their checkpoint exists online.

FIFA itself has warned that tickets purchased outside official channels carry substantial risk. Tickets obtained through unofficial sellers may be fake, duplicated, voided, overpriced, or rejected entirely when presented at the stadium gate.

Imagine spending thousands of dollars on airfare, hotels, meals, transportation, and event planning only to discover that the ticket in your hand is worthless. The financial loss would be painful enough. Add identity theft, compromised banking information, and months of cleanup, and the consequences become far more serious than missing a match.

The lesson is remarkably simple: Never search your way into a gate.

Whether you’re buying World Cup tickets, logging into your bank account, accessing your email or social media, or making an online payment, the safest path is always the one you create yourself.

Most importantly, understand that urgency is often the criminal’s greatest weapon. If a website pressures you to act immediately, promises exclusive access, or suggests an opportunity is about to disappear, treat that pressure as a warning sign rather than an incentive.

The gate will still be there tomorrow.

A scammer is counting on you believing otherwise.

One of the most dangerous habits on the internet is also one of the most common: we search for everything. We search for our bank, Microsoft 365, airline accounts, investment portals, credit card websites, ticketing systems, and every other digital doorway we need to enter.

That habit used to feel harmless. Today, it can lead you straight into a trap.

Search engines have become contested territory. Criminals know what people are looking for, and they know many users trust whatever appears first. A sponsored result can place a fraudulent website above the legitimate one. A typosquatted domain can look almost identical to the real site. An AI-generated phishing page can copy the tone, layout, branding, and language of a trusted company well enough to fool a careful person on a busy day.

The safest approach is surprisingly old-fashioned.

The extra five seconds may save you months of financial and identity-theft cleanup.

The world has changed. Cybercriminals, foreign intelligence services, scammers, and AI-powered fraudsters are no longer targeting only governments and Fortune 500 companies. They are targeting all of us.

That is why I wrote SPIES, LIES, AND CYBERCRIME.

The book pulls readers inside the real world of espionage, cybercrime, betrayal, surveillance, and modern digital warfare using lessons I learned hunting spies for the FBI and protecting organizations under attack.

If you want to better understand how deception works, how cybercriminals manipulate trust, and how to think more clearly in a world filled with digital lies, start here:

Want more? My new hub, PROTECT, is now live at ericoneill.net/protect and it’s built for anyone who wants to stop cybercriminal scammers cold. And it’s FREE!

For years, the debate surrounding artificial intelligence has been dominated by technologists, investors, politicians, and military planners. We have become accustomed to hearing CEOs discuss AI’s economic potential, governments discuss regulation, and security experts warn about new threats.

This week, a different voice entered the conversation.

At the Vatican, Pope Leo XIV and Anthropic co-founder Christopher Olah stood together to unveil Magnifica Humanitas, the first major Catholic teaching devoted entirely to artificial intelligence. If that sounds historic, it is.

Popes issue very few major encyclicals during their tenure. These documents are reserved for issues the Church believes will fundamentally shape the future of humanity. The fact that artificial intelligence now sits alongside war, poverty, labor rights, and environmental stewardship tells us something important: the Church believes AI has transcended technology and has become a human story.

The symbolism surrounding the document may be even more significant than the document itself. Pope Leo XIV deliberately chose the name Leo, invoking Pope Leo XIII, who became famous for addressing the social and economic disruption of the Industrial Revolution in his landmark 1891 encyclical Rerum Novarum. The message is unmistakable. Just as industrial machinery transformed human civilization more than a century ago, our Pope appears to believe artificial intelligence will reshape society in equally profound ways.

What makes the Vatican’s intervention fascinating is that it largely ignores the technical questions that dominate most AI discussions. Instead, it asks questions that technologists cannot answer alone.

One of the document’s sharpest observations challenges a popular assumption often heard in Silicon Valley. The Vatican warns that the promise of automatic prosperity is frequently an illusion. Technology does not automatically improve life for everyone. Human beings must intentionally design systems that distribute benefits, protect dignity, and preserve opportunity. Left alone, technology tends to magnify instead of transform.

Perhaps the most surprising moment came from Christopher Olah himself. Speaking at the Vatican, the Anthropic co-founder acknowledged that researchers continue to discover behaviors inside advanced AI systems that they do not fully understand. He described modern AI as something that is, in many ways, “grown” rather than engineered. These systems are trained on humanity’s collective knowledge, language, ideas, and experiences. As Olah put it, they are “made from us, from our words.”

That observation raises an uncomfortable possibility.

If artificial intelligence reflects humanity, then many of the risks we fear may not be technological at all. They may be reflections of ourselves.

The Pope’s concern is not that AI is inherently evil. His concern is that humanity has repeatedly demonstrated an ability to create power faster than it develops the wisdom to use that power responsibly.

As someone who has spent a career studying espionage, cybercrime, and human behavior, I find that observation particularly compelling. The greatest threats rarely come from technology itself. They come from what people choose to do with it.

The debate surrounding artificial intelligence often focuses on what machines are becoming.

The Vatican is asking a different question: What are we becoming?

That may be the most important AI question of all.

Most cyberattacks do not begin with advanced hacking. They begin with trust.
Attackers will use a convincing email, a borrowed credential, a believable lie, all paired with an urgent request. The tradecraft hasn't changed, the tools have evolved.

A fake gate.

That is exactly what we’ll be discussing during my upcoming live webinar, and I’d love to see you there.

Registration is completely free.

We’ll explore how spies, cybercriminals, and professional fraudsters manipulate trust, how modern attacks are evolving, and what practical steps you can take to protect yourself, your family, and your organization.

If you’ve enjoyed this newsletter, I think you’ll enjoy the conversation even more.

I hope you’ll join me.

Please support my sponsors. It only takes a click - no purchase necessary!

The 8-hour workday is becoming a 4-hour workday for people who know how to use AI.

Everyone else is still catching up.

This AI work playbook shows you exactly how to cut your work hours in half using AI.

Sign up for Superhuman AI and get:

Claim your AI playbook

Don’t miss a newsletter! Subscribe to Spies, Lies & Cybercrime for our top espionage, cybercrime and security stories delivered right to your inbox. Always weekly, never intrusive, totally secure.

Praemonitus Praemunitus!