By — Liz Landers Liz Landers Leave your feedback Share Copy URL https://www.pbs.org/newshour/politics/why-a-surge-of-election-related-websites-could-spell-rising-cyber-threats-for-the-midterms Email Facebook Twitter LinkedIn Pinterest Tumblr Share on Facebook Share on Twitter Why a surge of election-related websites could spell rising cyber threats for the midterms Politics Jun 1, 2026 5:55 AM EDT A new report, first reported by PBS News, warns that November's midterm elections in the United States will drive "elevated" cyber threats to political organizations, fundraising and media platforms, and that some of the groundwork for election misinformation and disinformation likely is already being laid. Check Point, a cyber security company, found that in January of this year, approximately 1,300 newly registered domains contained the keyword "election," and approximately 2,957 contained "vote." Registering website domains does not establish malicious activity alone, the report notes, but the websites do "increase the pool of domains that may later be used for phishing, impersonation, fraudulent donation activity, or the distribution of misinformation." In an even sharper increase in website registrations, for the month between April 13 and May 14, Check Point Exposure Management found that approximately 1,140 newly registered domains contained "election," while approximately 4,010 contained "vote". "Seeing that these websites are continuing to grow is of significant concern, on top of what's already a concerning status quo," said Kathy Boockvar of Athena Strategies, who served as secretary of the Commonwealth of Pennsylvania from 2019 to 2021. She said the Check Point report is "consistent with what we've heard from federal agencies and other private sector entities that are tracking threats." READ: Americans are increasingly worried about voting, poll shows At the same time, independent election experts warn that there is a balance between educating the public on potential election risks and sowing distrust. Boockvar worries that the report may fuel fear for voters, but also says that the emergence and growing prevalence of mis- and disinformation around elections in the last five years is a huge concern. Oregon Secretary of State Tobias Reed told PBS News that the finding on domain registration was "certainly something to watch." Reed reiterated that it may not be nefarious activity, but it reinforces the idea that, when it comes to fishy-looking websites, "if you're suspicious, verify it." What the report found The more than 30-page report reveals that the most likely types of threats to the upcoming elections are "phishing, impersonation, influence activity, AI-enabled content abuse, and opportunistic disruption." Check Point research from earlier this year found that a staggering 82% of malicious file attacks come through email phishing attempts, highlighting the need for election-related organizations, both inside and outside government, to guard against that kind of attack with education and training. Reed told PBS News that his office is cognizant of phishing attempts and conducts quarterly training sessions with staff. "We have scenarios and tests that we run internally – including me, where I have to think about it." The report also notes that political fundraising websites have been targeted in cyber operations. For example, ActBlue – a major fundraising website used by the Democratic Party – had around 9,600 leaked citizen credentials, such as user name and password. Their Republican counterpart WinRed had 6,500 leaked credentials. Check Point says that these kinds of exposures are avenues for everything from donor fraud to unauthorized access to election-related organizations. If there's a positive data point here, it's that individual political campaign domains for a sample of swing-state candidates from both parties did not show hardly any leaked credentials, according to Check Point's research. Instead, that exposure is concentrated among the larger platforms. Artificial intelligence, which some election experts have been warning about since the 2024 presidential election cycle, makes it cheaper, faster and easier for bad actors to disseminate false information about the election process through social media or email, researchers found. "Now that we're in the age of AI, it can consume and take so much data and learn so much about us that it can generate things that are believable," Aaron Rose, a cybersecurity expert with Check Point, told PBS News. "Not just things that are like a phishing email, but content that's shared on social media or deepfake videos that are getting harder and harder to actually tell what they truly are." How different foreign adversaries target U.S. elections The report reiterates intelligence assessments from the federal government from the last few years that warned that foreign adversaries like Russia, China and Iran are attempting to influence American elections. Each nation uses different tactics to achieve different goals. Russia-linked election activity uses influence operations and narrative amplification, like creating websites, to imitate reputable news organizations like Reuters or The Washington Post to shape narratives and amplify division. China, on the other hand, is more focused on reconnaissance and influence-testing, with the goal of exploiting existing social and political divisions, according to Check Point. The Check Point report also warns that Iran has engaged in hacking political operations in the past and will likely try that again. Rose said that these three foreign adversaries have pretty clear objectives when it comes to U.S. elections: "They want to either steer it or they want to cause confusion." In the last few election cycles, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has provided advice to states who sought federal guidance for cyber and physical security after elections were deemed "critical infrastructure" during the first Trump administration. Reed said that "it would be great if we had more assistance from CISA." "That's the job they're supposed to be doing. We've lost a lot of that," he said. Instead, he is relying on state resources like Oregon's National Guard to fill cybersecurity needs. Boockvar says the change has occurred under the second Trump administration. "It is a very different landscape in terms of the federal, state, local collaboration, information sharing, and supportive infrastructure than it was in every other election cycle in the last 10 years." A free press is a cornerstone of a healthy democracy. Support trusted journalism and civil dialogue. Donate now By — Liz Landers Liz Landers Liz Landers is a correspondent for PBS News Hour, where she covers the White House and the Trump administration. Prior to joining the News Hour, she served as the national security correspondent for Scripps News, and also reported on disinformation for the network.
A new report, first reported by PBS News, warns that November's midterm elections in the United States will drive "elevated" cyber threats to political organizations, fundraising and media platforms, and that some of the groundwork for election misinformation and disinformation likely is already being laid. Check Point, a cyber security company, found that in January of this year, approximately 1,300 newly registered domains contained the keyword "election," and approximately 2,957 contained "vote." Registering website domains does not establish malicious activity alone, the report notes, but the websites do "increase the pool of domains that may later be used for phishing, impersonation, fraudulent donation activity, or the distribution of misinformation." In an even sharper increase in website registrations, for the month between April 13 and May 14, Check Point Exposure Management found that approximately 1,140 newly registered domains contained "election," while approximately 4,010 contained "vote". "Seeing that these websites are continuing to grow is of significant concern, on top of what's already a concerning status quo," said Kathy Boockvar of Athena Strategies, who served as secretary of the Commonwealth of Pennsylvania from 2019 to 2021. She said the Check Point report is "consistent with what we've heard from federal agencies and other private sector entities that are tracking threats." READ: Americans are increasingly worried about voting, poll shows At the same time, independent election experts warn that there is a balance between educating the public on potential election risks and sowing distrust. Boockvar worries that the report may fuel fear for voters, but also says that the emergence and growing prevalence of mis- and disinformation around elections in the last five years is a huge concern. Oregon Secretary of State Tobias Reed told PBS News that the finding on domain registration was "certainly something to watch." Reed reiterated that it may not be nefarious activity, but it reinforces the idea that, when it comes to fishy-looking websites, "if you're suspicious, verify it." What the report found The more than 30-page report reveals that the most likely types of threats to the upcoming elections are "phishing, impersonation, influence activity, AI-enabled content abuse, and opportunistic disruption." Check Point research from earlier this year found that a staggering 82% of malicious file attacks come through email phishing attempts, highlighting the need for election-related organizations, both inside and outside government, to guard against that kind of attack with education and training. Reed told PBS News that his office is cognizant of phishing attempts and conducts quarterly training sessions with staff. "We have scenarios and tests that we run internally – including me, where I have to think about it." The report also notes that political fundraising websites have been targeted in cyber operations. For example, ActBlue – a major fundraising website used by the Democratic Party – had around 9,600 leaked citizen credentials, such as user name and password. Their Republican counterpart WinRed had 6,500 leaked credentials. Check Point says that these kinds of exposures are avenues for everything from donor fraud to unauthorized access to election-related organizations. If there's a positive data point here, it's that individual political campaign domains for a sample of swing-state candidates from both parties did not show hardly any leaked credentials, according to Check Point's research. Instead, that exposure is concentrated among the larger platforms. Artificial intelligence, which some election experts have been warning about since the 2024 presidential election cycle, makes it cheaper, faster and easier for bad actors to disseminate false information about the election process through social media or email, researchers found. "Now that we're in the age of AI, it can consume and take so much data and learn so much about us that it can generate things that are believable," Aaron Rose, a cybersecurity expert with Check Point, told PBS News. "Not just things that are like a phishing email, but content that's shared on social media or deepfake videos that are getting harder and harder to actually tell what they truly are." How different foreign adversaries target U.S. elections The report reiterates intelligence assessments from the federal government from the last few years that warned that foreign adversaries like Russia, China and Iran are attempting to influence American elections. Each nation uses different tactics to achieve different goals. Russia-linked election activity uses influence operations and narrative amplification, like creating websites, to imitate reputable news organizations like Reuters or The Washington Post to shape narratives and amplify division. China, on the other hand, is more focused on reconnaissance and influence-testing, with the goal of exploiting existing social and political divisions, according to Check Point. The Check Point report also warns that Iran has engaged in hacking political operations in the past and will likely try that again. Rose said that these three foreign adversaries have pretty clear objectives when it comes to U.S. elections: "They want to either steer it or they want to cause confusion." In the last few election cycles, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has provided advice to states who sought federal guidance for cyber and physical security after elections were deemed "critical infrastructure" during the first Trump administration. Reed said that "it would be great if we had more assistance from CISA." "That's the job they're supposed to be doing. We've lost a lot of that," he said. Instead, he is relying on state resources like Oregon's National Guard to fill cybersecurity needs. Boockvar says the change has occurred under the second Trump administration. "It is a very different landscape in terms of the federal, state, local collaboration, information sharing, and supportive infrastructure than it was in every other election cycle in the last 10 years." A free press is a cornerstone of a healthy democracy. Support trusted journalism and civil dialogue. Donate now