Check Point warns: AI disinformation, fake Reuters and Fox News sites threaten US midterms
Hackers are already preparing themselves to disrupt the integrity of the upcoming midterm elections. However, they’re not targeting voting machines or ballots. Rather, they're focusing on manipulating public opinion.
-
Check Point warns that AI-driven disinformation campaigns could target the 2026 US midterms through fake news and social media manipulation.
-
Hackers are cloning major media brands like Reuters, The Washington Post, and Fox News to spread AI-generated fake articles.
-
Around 5,150 election-related domains have already been registered, many linked to phishing, fraud, and misinformation.
-
Exposed credentials tied to ActBlue and WinRed raise risks of account takeover and donor fraud, researchers say.
According to Check Point’s 2026 US Midterm Election Threat Outlook, hackers will try to flood social media and search results with misinformation, misleading narratives, and fake content to influence the outcome of the midterms.
In addition, some hackers have already cloned trustworthy and reputable media brands like Reuters, The Washington Post, and Fox News. The sites are filled with AI-generated fake news and spread across all major social platforms.
The goal is to pretend that political content originates from trusted news outlets and to distribute it before someone notices it’s fake in an attempt to disrupt the midterm elections, which are held in November 2026.
Check Point security researchers found that approximately 5,150 election-themed domain names were registered between April 13th and May 14th. These sites are typically used for phishing, donation collection fraud, identity fraud, and the distribution of misinformation.
This volume is likely to increase as soon as November approaches.
Check Point also found exposed credentials tied to some of the most widely used political and government platforms, including roughly 9,500 linked to ActBlue, the Democratic fundraising platform, and 6,500 linked to WinRed, the Republicans’ fundraising counterpart.
These credentials are useful for account takeover, donor fraud, and targeted social engineering against the platforms both parties depend on to raise money at scale, Check Point explains.
“In this new era of AI-powered disinformation, the goal is often not to change vote counts directly, but to convince voters that truth itself is difficult to verify,” the cybersecurity firm says in the latest edition of its elections report.
“Security teams working with campaigns, election organizations, fundraising platforms, or any organization adjacent to this environment should treat this cycle as an elevated-risk period for phishing, brand impersonation, and credential-based attacks. That’s not because the threats are novel, but because the motivation and attention behind them are significantly higher than usual,” Check Point concludes its Midterm Election Threat Outlook.
Unlock more exclusive Cybernews content on YouTube.
