What is Disinformation, Misinformation and Malinformation
What is disinformation, misinformation, and malinformation. Explore the definitions with clear examples and understand their relevance to companies and other organisations in today's digital landscape.
DISINFORMATIONMISINFORMATIONMALINFORMATION
Misinformation, Disinformation and Malinformation: What's the Difference?
Few terms in the information security vocabulary are used as loosely as misinformation, disinformation and malinformation. They often appear incorrectly across news coverage, regulatory guidance and boardroom discussion, as interchangeable labels for one broad idea: information that is in some way wrong, or in some way harmful. That imprecision carries a cost, because the three describe genuinely distinct phenomena, and the measure that resolves one will often aggravate another.
The distinction does not need to be complicated, and it does not rest on intuition. It can be simply understood using the information disorder framework set out by Claire Wardle and Hossein Derakhshan in their 2017 report for the Council of Europe, which separates the three using two questions. First, is the information false? Second, is it intended to cause harm? The answers place any given case into one of three categories, each with very different implications for how it should be handled.
To see how those two questions play out, it helps to take each term in turn, define it briefly, and then watch it unfold in a single, familiar setting: here we will use a hypothetical popular local restaurant, Maria's. It is busy most nights, which is precisely what makes it worth attacking. Over one difficult week, Maria is affected by all three, and each behaves in its own way.
Misinformation: false information, shared without intent to harm
Misinformation is false or inaccurate information spread without any intention to cause harm. It is the product of error or genuine belief rather than malice. The person passing it on is not trying to deceive anyone. They believe the claim is true, and they often think they are being helpful.
Example: The restaurant, Maria's, closes for two days while a burst water main is repaired. A local resident sees a post, instigated by a malicious competitor, already circulating in a community group, claiming the restaurant has been shut down by health inspectors. Concerned for her neighbours, she reshares it to a parents' group with a brief note: “Worth avoiding Maria's this week.” She did not invent the claim, she has nothing to gain from it, and she has no reason to doubt what looked like a credible warning from her own community. This is misinformation: the falsehood is real, but the intent to harm is absent.
The absence of malice does not make it harmless. Bookings still fall that weekend, precisely because the warning was passed on by people others trusted. What defines misinformation is the simple fact that those spreading it were not trying to cause any harm.
Disinformation: false information, spread deliberately to cause harm
Disinformation is false or manipulated information created or spread on purpose, with the intent to deceive and to achieve an objective. The defining feature is intent. The falsehood is not an accident; it is the instrument.
Example: A struggling competitor across the road sees an opportunity. He invents a claim that a rat was found in Maria's kitchen, mocks up a convincing photograph using a free AI tool, and pays to push it into every local group on a Friday evening. None of it is true, and that is the entire point. He is not mistaken; he is lying, deliberately, to take her customers. This is the category that earns the term disinformation operation: planned, resourced and aimed at a target, with an objective behind it.
Effective disinformation operations are often based on partially true, benign yet manipulated information to build a more believable narrative.
Example: Ten years ago, Maria received a minor food safety notice from the Food Standards Agency for a paperwork discrepancy, not a hygiene issue. It was acted on, resolved, and long forgotten. A competitor who wishes her harm retrieves the notice and pays someone to circulate it during a usually busy week, stating a food hygiene issue and carefully omitting the fact that it was a minor paperwork issue from a decade earlier. She cannot deny a notice, because it happened. The harm comes not from a falsehood, since there is none, but from removing accurate information from its context and timing its release for maximum effect. Because the story is based on partially true information, it is far harder to counter than a lie.
Malinformation: true information, used to cause harm
Malinformation is the category most often misunderstood, yet used less than misinformation and disinformation., To explain plainly: malinformation is genuine, accurate information presented with the intent to harm, usually by stripping it of context or releasing it at a damaging moment.
Malinformation is the category most often misunderstood, so it is worth stating plainly: malinformation is true. It is genuine, accurate information deployed with the intent to harm, usually by stripping it of context, or by attaching it to a target it does not fairly belong to.
Example: A malicious competitor learns that one of Maria’s chefs has been charged with an offence committed in his own time, well away from work. The charge is real and has already been reported in the local paper, with no mention of the chef’s employment. Sensing an opening, the competitor sets out to use it against her. He screenshots the report and posts it repeatedly across local groups and review sites, each time tagged to the restaurant and framed as a warning: "This is who Maria's employs. Think twice before you eat there." Every detail is accurate. The chef was charged, and he does work there. But the matter has nothing to do with the restaurant, and the man circulating it is not warning anyone in good faith. He is deliberately weaponising a fact to damage her business.
The effect is immediate. Bookings are cancelled, a run of one-star reviews repeats the claim until it dominates the restaurant's page, and Maria spends weeks answering for a private matter she had no part in instead of running her business. She cannot deny any of it, because it is true. That is what makes malinformation so difficult: the harm comes not from a lie, but from accurate information taken from its context, bound to a target it was never fairly part of, and pushed by someone who means to cause damage.
Because malinformation is true, it is far harder to counter than a falsehood. There are mixed opinions on if the public should be informed of wider, truthful context regarding such issues, if indirect harm is caused. Yet the malicious intent cannot be ignored.
Three terms, and a wider vocabulary
These three categories are useful to understand, but they sit within a much larger and looser vocabulary. Terms such as propaganda, fake news, psychological operations, information warfare information operations, and cognitive warfare, amongst others, are used widely, often interchangeably, and frequently incorrectly, even though each describes a related but distinct phenomenon.
This imprecision is untidy and presents a practical obstacle. When an organisation cannot name accurately what it is facing, it struggles to assess the threat, brief its people, commission the right help, or respond proportionately. A board that believes it has a “fake news problem” may reach for communications; a board that recognises a coordinated disinformation campaign may reach for something quite different. Shared, accurate language within an organisation is the precondition for a serious response.
The relationships between these wider terms, and the distinctions that matter when applying them, deserve more space than this insights piece allows, and we will return to them separately. For now, the three categories above are the foundation: get this right, and the rest of the vocabulary becomes far easier to navigate.
From a corner restaurant to a global organisation
Maria's is a deliberately small example, yet the mechanics do not change as an organisation grows – the scale and the consequences do.
The honest mistake may be a customer or an employee sincerely resharing an inaccurate claim about a product, a financial result or a leader's conduct, in the belief that they are being helpful. The deliberate falsehood becomes a fabricated press release, a forged executive statement, or a coordinated campaign timed to surface on the morning of an earnings announcement. The weaponised truth becomes a leaked internal document, or an accurate but sensitive detail about a senior figure, surfaced to enable harassment or to reopen a controversy that had been settled.
The framework that underpins this distinction is now widely adopted by governments, regulators and security agencies as the standard vocabulary for these threats. The value of understanding the terminology is not purely academic; organisations need precise ways of naming what risks they face, which is the first condition of responding to it well.
Contact us
Whether you have a request, a query, or want to work with us, use the form below to get in touch with our team.
