Written by Eve Oliver, Marketing Manager at CSG and CyberFirst ambassador as part of the NCSC.
During UK election periods, scam activity increases significantly and I regularly see cyber criminals exploiting major national events to catch people off guard.
One of the most common tactics around elections is the fake poll or voting scam. These scams are designed to look harmless and are often framed as opinion polls, voter surveys, or “official” voting updates, but their goal is always the same: to steal your personal information or compromise your device.
Below, I’ve pulled together practical guidance based to help you spot and avoid these scams.
What are election poll scams?
Election poll scams typically arrive via:
- Text message [SMS]
- WhatsApp or other messaging apps
- Social media direct messages
They often claim to be from:
- Political parties
- Polling organisations
- “Election authorities”
- Research groups conducting voter surveys
The message may ask who you plan to vote for, request that you “verify your voting details”, or urge you to click a link before polling day. Phishing messages increasingly exploit current events [including elections] to appear more relevant and trustworthy.
Red flags to watch out for
From my experience in cyber awareness work, these are the warning signs most people miss:
A sense of urgency
Messages telling you to act “immediately” or “before polling day” are a classic phishing tactic. Cyber criminals rely on panic and haste to stop you thinking things through.
Requests for personal information
Legitimate organisations will never ask for personal details, voting preferences or login credentials via unsolicited messages. Microsoft’s security guidance is clear that requests for personal or account information through unexpected emails or texts should always be treated as suspicious.
Unexpected links
Scam messages often include shortened or unfamiliar links that lead to fake websites. Sophos threat researchers regularly report attackers using convincing‑looking links and branding to draw victims into phishing pages.
Messaging apps for “official” contact
The NCSC advises that government bodies and official organisations should not be contacting you about voting via WhatsApp or random mobile numbers. If it doesn’t come from a trusted, verified channel, be cautious.
How to protect yourself
Here’s the advice I share most often when speaking to businesses and schools:
- Stop and think: if a message seems unexpected or pressures you to act quickly, pause. Scammers rely on rushed decisions
- Don’t click links: go directly to official sources instead. For election‑related information, only trusted
.gov.ukwebsites should be used. We recommend navigating directly to official sites rather than following links in messages - Never share voting or personal details: your vote is private. Neither voting intentions nor personal data should be shared via polls sent through messages
- Report and delete: the NCSC encourages reporting suspicious texts, emails and websites so they can be investigated and taken down, helping protect others as well.
While many people see election scams as a personal risk, these attacks can also impact organisations. Clicking a malicious link on a work device or entering credentials on a phishing site can lead to:
- Email account compromise
- Data breaches
- Malware infections
- Wider business disruption
Phishing remains one of the most effective entry points for attackers, particularly when messages are tied to familiar or high‑profile events.
As elections approach, heightened awareness is one of the most effective defences we have. Cyber criminals are banking on trust, emotion and distraction, but a few simple checks can make all the difference.
If you’re ever unsure: Don’t click. Don’t reply. Verify independently.
At CSG, cyber awareness is a fundamental part of how we help organisations protect their people, data and systems – not just during election periods, but all year round.
