Despite its current relevance, the intent to manipulate public opinion by spreading false information about events, people, companies, or political issues has always existed. What distinguishes the contemporary era from the past are two key elements: on the one hand, the ability of social networks to reach a virtually unlimited audience with minimal effort; on the other, access to advanced technologies, such as artificial intelligence, which allow for the creation of false narratives with impressive realism and relatively low costs. For context, according to the BBC, a campaign aimed at discrediting a journalist’s credibility could cost around $50,000. On a macro level, disinformation has caused damages amounting to $78 billion across the financial, healthcare, and public sectors.
In this article, we will explore the topic of disinformation security in the AI era and analyze strategies companies can adopt to protect their brands.
Disinformation Campaigns: Definition, Goals, and Targets
A disinformation campaign aims to spread false, misleading, or manipulated information (fake news) to influence public opinion, alter perceptions of reality, or create confusion on specific, often critical, issues. It is no coincidence that the World Economic Forum considers disinformation one of the most significant threats of our time, highlighting its role in fueling propaganda, both domestically and globally.
Disinformation campaigns indiscriminately target governments, individuals, and companies, often with devastating consequences. While a textbook example is disinformation used to polarize public opinion on major global events, businesses frequently fall victim to these campaigns. The perpetrators may be unscrupulous competitors, hacktivists, state actors, or organized groups leveraging disinformation as part of cyber warfare strategies.
Regardless of the cause, a company that falls victim to a disinformation campaign and lacks the tools for a timely response may face severe consequences:
- Reputational damage: Disinformation undermines trust in the brand, its values, and its purpose. Rebuilding credibility can take years and require substantial investments.
- Declining sales: False information, especially regarding product or service quality, negatively influences consumer purchasing decisions.
- Financial losses: Fake news can lead to reduced investment and mass sell-offs of company shares, diminishing their value and jeopardizing economic stability.
- Legal actions: The company may be forced into long, costly, and complex legal battles against those who spread the false information.
Tools and Tactics of Modern Disinformation
In an increasingly digital world, opportunities to design and execute disinformation campaigns continue to grow.
While technologies evolve and campaigns become more sophisticated, the basic mechanics remain unchanged: creating a false narrative through various means, disseminating it to a targeted audience, and leveraging emotional manipulation to drive the audience toward a desired action. This action could be purchasing a product, requesting a refund, or even making a political decision. For example, after posting fake news on social media, the perpetrators might deploy an army of bots to comment on and reinforce the message, nudging human readers toward a particular stance.
The tactics used in these campaigns are numerous and constantly evolving. Gartner highlights some of the most insidious ones:
Deepfakes
Deepfakes are videos or audio recordings digitally manipulated with AI, so realistic that they deceive even the keenest eye. This technology allows the superimposition of faces or voices onto real individuals, creating entirely false yet highly believable scenarios. The potential impact is vast: deepfakes can be used to spread disinformation, manipulate public opinion, discredit individuals and companies, or commit fraud.
GenAI for Large-Scale Disinformation
Malicious actors can leverage generative AI capabilities to automate the continuous creation of false content. Texts, images, videos, and social media posts can be automatically generated and rapidly disseminated before organizations have time to respond or debunk them.
More Credible Phishing Attacks
The goal of phishing remains the same: stealing sensitive data. However, thanks to GenAI and advanced social engineering techniques, phishing emails have become increasingly sophisticated, making them almost indistinguishable from legitimate communications. Once an account—especially a corporate one—is compromised, attackers can use it to spread disinformation within internal channels (enterprise social networks, collaboration platforms) or on a larger scale, exploiting users’ trust in official sources.
Credential Theft via Malware
In this case, a disinformation campaign starts with account theft. Using malware, malicious actors steal login credentials to corporate systems, infiltrating official accounts. Once inside, they can spread disinformation by publishing harmful content.
Disinformation Security: How to Defend Strategically and Operationally
Gartner considers disinformation security to be one of the key strategic trends of 2025. The reason is clear: while the potential effects can be devastating, launching credible disinformation campaigns is becoming increasingly easy. Moreover, only 5% of companies have already adopted dedicated products and services, though analysts predict this figure will rise to 50% by 2028.
Regarding defense, analysts emphasize the need for an integrated approach that involves multiple business functions and leverages various technological tools in synergy. It is also crucial for all company divisions to collaborate effectively: from IT and security teams to public relations and marketing, which respond to the spread of harmful content, and even human resources, which must ensure continuous employee training to recognize threats such as phishing and social engineering.
Social Media Monitoring
Social media monitoring is one of the most powerful tools for detecting disinformation campaigns early. Social platforms are the primary vehicle for spreading false information. By using social media monitoring platforms, companies can track online conversations about their brand and activities, manually or automatically verifying the accuracy of reported information. These tools analyze thousands of posts in real time, instantly identifying signs of disinformation, such as suspicious hashtags or messages spreading rapidly through bots.
Deep/Dark Web Monitoring
Monitoring the darker, less accessible areas of the web is essential to identify whether corporate (or employee) credentials have been compromised or if specific plans exist to launch disinformation campaigns against the company.
Content Validation Technologies
Content validation technologies include automated fact-checking tools (with or without human oversight) that use AI to assess the reliability of sources and content. This allows companies to identify attempts at message manipulation or falsification quickly. These tools analyze images, videos, and texts to detect signs of alteration, such as deepfake creation.
Corporate Account Authentication and Protection
Protecting corporate accounts is crucial to prevent unauthorized access and the subsequent publication of fake content. Multi-factor authentication is one of the most effective protection measures, but implementing robust Identity and Access Management (IAM) systems is also essential. These systems monitor and restrict access to corporate resources based on roles and needs, reducing vulnerabilities.
Phishing Mitigation Tools
Phishing protection tools analyze incoming messages and block fraudulent ones before they reach employees. These tools detect messages that deviate from an established style, originate from suspicious domains, or contain unknown links.
The Crucial Role of a Security Culture
To prevent or stop the spread of disinformation, technology alone is not enough. A strong security culture is essential, built through continuous training and awareness programs. This culture fosters critical thinking, helps individuals avoid common attacks like phishing, and encourages responsible behavior by ensuring employees rely only on trustworthy and verified sources.
-1.png "002-Kirey Group - una riga - (color)-1")
