5 tips for combating digital disinformation in the corporate context

Combating disinformation

The corona crisis has clearly revealed the penetrating power of digital disinformation. More and more often, one comes across fake news & Co online or reads about people who are firmly convinced of the false information. Against this background, the correct handling of digital disinformation is becoming increasingly relevant – especially for companies. In this article, we therefore give you five helpful tips on how to handle misinformation and disinformation in a corporate context.

Disinformation in the corporate context

Disinformation is no longer just a political problem. Although many of us still associate coordinated disinformation campaigns with election manipulation, studies show that the topic is becoming increasingly relevant for companies as well. For example, a study from 2017 concluded that around 35 percent of the companies surveyed were already victims of “manipulated information” and “targeted false reports in social media or the press” [1]. Against the background of advancing technological development, the proportion is likely to be even higher today. This is also shown by the growing risk awareness of companies. According to a Deloitte survey, 74 percent of managers currently rate fake news as the greatest cyber risk [2].

And this assessment is justified. It becomes clear when one considers the possible consequences of a disinformation attack. There is the threat of considerable damage to the company’s reputation, which can quickly lead to a drop in sales or loss of stock market value. In order to keep these consequential damages as low as possible, the correct handling of so-called corporate disinformation is particularly relevant. We have summarized in five tips what needs to be considered when fighting disinformation.

#1: Detect disinformation campaigns early

Early detection is crucial to fend off a disinformation attack as effectively as possible. There are technological support options for this. Monitoring services like the BUZZMAPPER by PREVENCY® can act as early warning systems. For this purpose, monitoring must be set up in a targeted manner. General brand monitorings seize the online communication approximately around your brand, however, most services exhibit at present substantial weak points with the recognition of disinformation. Therefore it is worthwhile to invest in the human factor in addition to technology. If your employees are aware of the risk of disinformation, they too can become part of the early warning system. After all, if there is risk awareness, employees will usually become aware of the spread of false information about their own company more quickly and more often. Such awareness can be created through training or workshops.

#2: Situation assessment and risk assessment

If false, manipulated or misleading information about your company is spread: Keep calm! Before you follow the first impulse to quickly communicate a half-baked counterstatement, it is important to carry out a situation assessment including a risk evaluation. In this evaluation you should first look at the attack itself: Who is spreading the disinformation with what speed and range? Are e.g. social bots in play? What is the content and how much outrage potential does it have? What is the response in digital space?

The second step is to determine the target of the attack: Is your company’s reputation to be damaged, relationships with relevant stakeholders weakened, individual products made bad? Or is something completely different being pursued after all? Based on this analysis, potential effects on your company can be identified: What damage could be caused? How bad is it for your company?

In the final step, all information and findings are brought together. This allows you to determine the escalation potential of the situation. If this potential is high, it is important to act quickly and adequately.

#3: Develop an adequate response to disinformation

The most obvious reaction to business-related disinformation is probably to expose it and counter it with the truth. But as simple as this practice may sound, its implementation is as complex as it is. In the case of counter-statements, there is a fundamental problem in the field of “fake news”: they do not automatically have to be perceived, let alone believed, by outraged online users. In particular, if your company has already attracted attention in the past due to lack of transparency, you will often not be given the greatest credibility, even with fact-based corrections. Rather, users quickly assume that you are trying to hide the truth or are spreading false information yourself.

In an emergency, it therefore makes more sense to prepare a strategic response that is appropriate to the situation. This should be based on the previous situation assessment and be as targeted as possible. In other words: depending on the evaluation result, target groups, channels and messages should be chosen for communication. If the goal of the disinformation campaign is, for example, to weaken the relationship with an important business partner, communication should focus primarily on this stakeholder. If the aim is to damage your reputation with customers, the customers should be at the center of crisis communication.

Last but not least: No matter what the communication ultimately looks like and to whom it is directed, it should always be based on facts – preferably in the form of sources or evidence. Only in this way can you sustainably take the wind out of the attackers’ sails.

#4: Define processes and create a guideline for handling disinformation

In order to guarantee the ability to act within the company in an emergency, you can define processes for dealing with disinformation in advance. Important questions are e.g: How do we usually deal with disinformation? Who is responsible in such a case? Which steps and measures (e.g. situation assessment, strategy development, etc.) have to be taken and in which order? The answers can then be documented in the form of a guideline and stored in the crisis manual.

Since false information is nowadays spread mainly in the digital space, it is also useful to establish a guideline for social media. In this social media policy, you should provide information on how to deal with the problem of “disinformation” as well as guidelines for the social media behavior of employees. Of course, these should only refer to the corporate context. A netiquette can also help in a crisis. It determines, for example, when user comments or contributions are deleted. Under certain circumstances, this can prevent a wide spread of false reports on your social media site.

#5: Acting transparently and building credibility in the long run

The challenges posed by disinformation are primarily about one core factor: credibility – of content, of messages or of actors in general. A company that acts and communicates transparently in the long term can build up a certain degree of credibility over time. In an emergency, this often gives your company a kind of “leap of faith”. In other words: (false) negative reports are independently and critically questioned by the users and a counterstatement of the company is more likely to be believed. However, if your company has attracted negative attention in this respect in the past, the effect is reversed: users are quickly convinced of the credibility of the fake news and rush at you as an outraged mass. Moreover, long-term credible communication and transparent interaction with your stakeholders not only helps in the event of crisis “disinformation” – it also benefits crisis communication in many other cases.

Finally, digital disinformation is a complex problem area for society, politics and business. In our experience, effective handling of this problem can only succeed with a pronounced risk awareness and long-term measures.

Do you need help in dealing with digital disinformation or do you want to conduct awareness training for your employees? We are happy to help!

Better safe than sorry.


[1] Corporate Trust (2017): Future Report. Online: https://www.corporate-trust.de/wp-content/uploads/2017/11/Future_report_2017_DT_web-1.pdf

[2] Deloitte (2019): Cyber Security Report 2019. Online: https://www2.deloitte.com/de/de/pages/risk/articles/cyber-security-report.html