PBS warns surge in election websites

PBS reported on June 1 that a new Check Point threat assessment found a surge in election-related website registrations ahead of the November 2026 midterms, raising concerns about phishing, impersonation and misinformation operations. The report said the highest-probability threats this cycle are aimed less at voting machines than at the information environment around voters, campaigns, donors and media outlets. (pbs.org) The Hill, citing the same report, said hackers and foreign influence operators are increasingly focused on misleading voters through AI-amplified misinformation rather than tampering with ballots or tabulation systems. ### Why are security researchers watching election websites so closely? Check Point said newly registered domains containing the word “election” and the word “vote” rose sharply in early 2026. (pbs.org) PBS reported that about 1,300 new domains contained “election” and about 2,957 contained “vote” in January, and that from April 13 to May 14 alone, about 1,140 new domains contained “election” while about 4,010 contained “vote.” Check Point said domain registration by itself does not prove malicious activity. But the company said the larger pool of sites can later be used for phishing, impersonation, fraudulent donation activity or the distribution of misinformation. (pbs.org) ### If the threat is not mainly ballot tampering, what is it? The Hill reported on June 1 that Check Point expects phishing, impersonation and misinformation activity to be the most prevalent risks this election cycle. The report said those tactics target election-related systems and services and are being amplified by artificial intelligence, which gives malicious actors faster and cheaper ways to produce deceptive audio, video and images. (pbs.org) Aaron Rose, a security architect manager at Check Point, told The Hill that the threat is an “attack on the mind.” He said confusing even a relatively small number of voters in a swing county or swing state about polling locations or choices on the ballot could have an outsized effect. (pbs.org) ### Who is most exposed besides election offices? Check Point said the likely targets extend beyond core voting infrastructure to fundraising sites, donor platforms, communications channels and public-information systems. The Hill reported that nearly 9,500 credentials tied to donors on Democratic fundraising platform ActBlue and about 6,500 tied to GOP platform WinRed had been leaked, information Rose said could later be used to target donors. (thehill.com) PBS reported that Kathy Boockvar, a former Pennsylvania secretary of the commonwealth now with Athena Strategies, said the growth in election-themed websites was “of significant concern.” Oregon Secretary of State Tobias Read told PBS the domain findings were “certainly something to watch,” while adding that suspicious-looking sites should be verified before use. (thehill.com) ### Why does this matter for newsrooms as much as campaigns? Check Point said operators have used look-alike domains to clone major media brands, including Reuters, The Washington Post and Fox News, as part of influence operations. The company said the aim is to make manipulated political content appear to come from a trusted outlet and spread it before verification catches up. (thehill.com) That makes newsroom verification a practical part of election security. PBS’s reporting and Check Point’s findings point to a basic triage test for viral political clips and links: identify where the asset first appeared, trace who reposted it and when, check whatever metadata or forensic clues are available, and seek independent corroboration before airing or amplifying it. (pbs.org) That framing is an inference drawn from the reported threat pattern, not a quoted newsroom standard. ### Are courts and regulators already dealing with related cases? Minnesota Lawyer reported on June 1 that courts in the state are already weighing election disputes involving deepfakes, campaign-finance reporting and political defamation. Separately, MPR News reported in February that a federal appeals panel declined to block a Minnesota law restricting political deepfakes close to an election. (blog.checkpoint.com) The next milestone is November’s U.S. midterm election. Before then, Check Point’s 2026 midterm threat outlook, PBS’s reporting and state-level litigation are likely to remain reference points for election officials, campaigns, donors and news organizations assessing phishing, impersonation and AI-driven misinformation risks. (minnlawyer.com) (pbs.org)