Cybersecurity in Elections – Is Fake News a National Attack?
The U.S. presidential election was hit with billions of cyberattacks. 6 billion, to be exact. Fake news, phishing scams, deepfakes – you name it. Somehow, though, things held up.
Now, Germany’s snap election is just weeks away, and experts are already sounding the alarm. Phishing attacks are on the rise. Disinformation is spreading. Fake news isn’t just background noise anymore – it’s being used to manipulate public opinion and mess with democracy.
Could what happened in the U.S. happen in Germany? Let’s dive in.
Social engineering isn’t just a personal attack - it’s gone national
During elections, cybercriminals mess with entire populations, using fake news to create confusion and division. They know exactly how to exploit human psychology. Here’s what they do:
Impersonating Trusted Sources:
Hackers pretend to be election officials, candidates, or political parties, spreading fake information to mess with voters. The goal? Make people question the election process and trust nobody.
Example: Fake Election Results Website
Social engineering relies heavily on manipulating human emotions like fear, urgency, or trust. Phishing emails that threaten account closures or promise rewards operate on the same principle.
Example: Fake Candidate Statements
Sometimes it’s not a whole website, just a tweet. Hackers spread fake posts claiming that polling locations were closing early, causing confusion and panic. Some voters probably never made it to the polls because of that.
So, could this happen in Germany too?
Short answer: Yes. Fake news campaigns have already begun, targeting voter trust. But German authorities are stepping up, with security audits and stricter protocols in place. The fight isn’t over, but awareness is the best defense. Stay alert – is what we are trying to say here.
Left: A fake CNN graphic from the 2024 U.S. presidential election, falsely showing voting in Texas, shared widely on social media to spread misinformation. Right: The actual CNN broadcast from the 2020 election, showing accurate results. [1]
Using AI and Deepfakes
Deepfake technology has made it easier to create fake videos that look real, tricking people during elections. A candidate can be shown making false statements, and by the time fact-checkers intervene, the video has already gone viral, shaping opinions and spreading misinformation.
Example: Deepfake Video Causes Viral Confusion
In January 2025, a deepfake video circulated on social media, purportedly showing current U.S. President announcing an offensive and fabricated executive order. The video (watch here) received over 18 million views and 200,000 likes on X (formerly Twitter). While some users recognized it as fake, many others questioned its authenticity or believed it to be real, fueling further misinformation .
This incident highlights how quickly deepfakes can spread and shape public perception, especially during politically charged moments. The challenge lies in countering false narratives before they influence voter behavior.
Germany’s Elections Are Next – Is Cybersecurity Ready?
During the 2024 U.S. presidential election, cybercriminals launched over 6 billion attacks, targeting voter websites with phishing, misinformation, and DDoS attacks. Some hit 700,000 requests per second. Thanks to coordinated efforts between election officials, cybersecurity providers, and agencies like CISA, there were no major disruptions.
But the U.S. isn’t alone. In Russia, officials reported blocking 160,000 cyberattacks on their remote electronic voting system during local elections. The UK recently faced its own election security crisis when millions of voters’ personal data were leaked in an attack attributed to foreign interference.
Now, with Germany’s snap election on February 23, 2025, experts are warning of similar threats. Phishing scams, deepfake videos, and disinformation campaigns are already spreading, aiming to undermine trust in the process. Hackers may target everything from voter information websites to polling communications.
But Germany isn’t unprepared. Authorities have tightened security protocols, audited election systems, and partnered with organizations like Cloudflare and Google to defend against cyberattacks.
The threats are real, but with these measures in place, Germany stands a fighting chance to protect its democratic process.
How to Educate Your Employees About Election-Related Phishing Scams
Phishing attacks during election season can be relentless, but educating your employees can significantly reduce the risks. Here are strategies to protect your organization:
1. Provide Regular Testing and Training Sessions
Schedule periodic sessions to keep employees updated on evolving phishing tactics and best practices for identifying scams with trainings but also with realistic exercises.
2. Use Real-World Examples
Share examples of actual phishing emails used during elections to demonstrate what these scams look like.
3. Educate on ‘Red Flags’
Highlight common red flags or suspicious signs like urgent requests, suspicious sender addresses, and demands for sensitive data.
4. Emphasize Caution with Links and Attachments
Encourage employees to avoid clicking unexpected links or downloading attachments, especially in election-themed messages.
5. Encourage Verification
Train employees to verify emails by contacting the organization through official channels before responding or taking any action.
6. Promote a Culture of Awareness
Designate a security manager to track cybersecurity threats and brief employees regularly on new phishing trends. You can also download and share the “Top 10 Red Flags in Election Season Phishing Emails” poster we made for you.
7. Utilize Free Resources
Take advantage of free training materials, like our Freemium edition, which you can use to send out customized phishing simulations and trainings.
8. Implement a Reporting System
Establish a clear process for reporting suspicious emails to your IT or cybersecurity team.
9. Conduct Phishing Exercises
Run regular phishing tests to assess how well employees can detect and report scams, providing feedback on their performance.
10. Explain the Bigger Picture
Help employees understand how phishing fits into larger disinformation campaigns that aim to disrupt elections and public trust.
By adopting these strategies, you can strengthen your organization’s resilience against election-related phishing scams and protect both your employees and the broader democratic process. Sometimes, smarter employees mean not only safer companies but also a stronger, more secure democracy for everyone.
“We must protect our democracy in the digital space too. That applies especially to the upcoming Bundestag elections. They are the most important way for the public to express their views democratically.” [2]
Federal Minister Faeser
We’re excited to share more cybersecurity insights, news, and updates with you in the upcoming editions of this newsletter. However, if you don’t find this helpful, we’re sorry to see you go. Please click the unsubscribe button below.
1. https://factcheck.afp.com/doc.afp.com.36LE786
2. https://www.bmi.bund.de/SharedDocs/kurzmeldungen/EN/2025/01/plattformen-bt-en.html
4. https://blog.mdaemon.com/watch-out-for-election-season-phishing-and-social-engineering-attacks
5. https://www.npr.org/2024/12/21/nx-s1-5220301/deepfakes-memes-artificial-intelligence-elections
