In most people’s minds, Election Day is the end of a long hard campaign. With the votes cast and the counting underway, it's time to roll up the sidewalks and move on. However, the time after election day can be rife with cybersecurity risk.

Election results may take days or even weeks to finalize. This is normal and can happen for several common reasons: ballot counting procedures take time, races are too close to call, or automatic recounts are required by law.

The time between Election Day and final results is a high-risk period for campaigns. Bad actors may see opportunities to stir the pot of unknown results even if there is no way to impact the outcome. False information about a candidate or the integrity of the process or results can be used to further create division, anger, and distrust in the electoral process. All big wins for nation-states and hacktivists. 

Cybercriminals may view campaigns that are winding down as a target of opportunity. As staff clean up last-minute details and obligations, cybercriminals might attempt to fool staff into paying fake invoices.

Don’t let your guard down. 

If you see false or inauthentic content or impersonations,  follow the links below for instructions on how to report misinformation and fake news on social media platforms.

• How to report fake news on Facebook

• Report a tweet, list, or direct message on X

• Reducing the spread of false information on Instagram

• Report inappropriate content on YouTube

• Report a problem on TikTok

• Recognize and report spam, inappropriate, and abusive content on LinkedIn

Remind your team to be on alert for efforts by cybercriminals. Cybercriminals impersonate campaign staff or compromise the email accounts of vendors to get legitimate-looking invoices in front of people. Double-checking can prevent a lot of incidents. Have staff:

• Double-check routing numbers to be sure they haven’t changed.

• Double-check directly with vendors if they have even the faintest hint of suspicion like things requiring immediate attention or a special discount to act now.

• Double-check the actual email with the real person for any invoices that come with new instructions or require immediate attention.

There are other ways to securely close down your campaign. Read our blog on the steps you should take, or visit DDC’s Knowledge Base articles on why post-election cybersecurity is important and easy steps to implement it.