AI Can Forge Documents in Minutes - “Looks Right” Is No Longer Enough

AI Can Forge Documents in Minutes – “Looks Right” Is No Longer Enough

Generative AI is making document fraud faster and harder to spot, pushing security teams to verify provenance, signatures and file integrity at intake securely.

Listen to this article

0:00

Press play to start listening

For years, catching a fake document meant hunting for tells: a wrong font, a smudged logo, metadata that did not match the claimed date. Generative AI has ended that game. The old tells are gone, and the people producing fakes are no longer specialists. They are anyone with a chatbot and a few minutes.

The numbers describe a step change, not a trend. Sumsub reported that synthetic identity-document fraud rose more than 300% in 2025, climbing 311% in North America against the first quarter of 2024, while deepfake fraud attempts jumped by an order of magnitude.

Researchers generated a synthetic passport with GPT-4o in under five minutes, visually indistinguishable from a genuine one. More than one in ten companies now report encountering deepfake or AI-generated documents in fraud attempts, and deepfakes already account for roughly one in twenty identity-verification failures.

The growth curve is the part that should worry a security team. Analysts tracking identity fraud have reported AI-generated attempts rising several hundred percent year on year, with iProov recording a 783% jump in digital-injection attacks in 2024 and Jumio reporting a further 88% rise into 2025.

These are not linear increases. Each improvement in generative models lowers the cost and raises the quality of the next wave of fakes, which is why the attempts keep multiplying rather than levelling off.

The projected losses track the same slope. Deloitte has estimated that generative AI could push US fraud losses tied to this kind of activity toward $40 billion by 2027, up from $12.3 billion in 2023. That is a threefold rise in four years, driven not by more fraudsters but by each one becoming dramatically more productive. When the tool that makes a convincing fake is free and fast, the limiting factor on fraud stops being skill and becomes intent.

AI Can Forge Documents in Minutes – “Looks Right” Is No Longer Enough

Regulators have noticed, and they are pricing the risk. FinCEN issued an alert on deepfake media in financial fraud in late 2024, the FBI’s Internet Crime Complaint Center logged (PDF) more than 22,000 complaints referencing AI in 2025 with associated losses above $893 million, and in the first half of 2025 alone regulators levied over $1.23 billion in penalties tied to weak controls, a sharp jump on the year before. “The document looked right” is no longer a defence a supervised institution can offer.

Signed PDFs sit right in the blast radius. A signature that renders as valid inside one viewer proves very little if the underlying file can be regenerated, re-signed, or quietly edited downstream. This is why PDF signature verification is shifting from a visual check to a cryptographic one. The question a security team should be able to answer is not “does the document open and show a checkmark,” but “can we prove this is the exact file that was signed, on the date claimed, by the party named?”

AI Can Forge Documents in Minutes – “Looks Right” Is No Longer Enough

Answering that reliably means the proof cannot live only inside the sender’s copy or a single vendor’s software. Robust verification ties the proof to the signing event itself and lets any party check it independently.

Approaches that hash each signature to a public, timestamped record do exactly this: anyone holding the document can confirm its integrity without trusting the sender and without logging into a particular platform. The check becomes a property of the document rather than a feature of one application.

The reason detection alone keeps losing is structural. Fraud teams report that a growing share of the fakes they catch are now made with mainstream generative tools, and any detector is trained on yesterday’s forgeries while the generators improve every month.

It is an arms race in which the defender is always a step behind, because the same models that write the detection also write the next fake. Looking harder at the artefact cannot win when the artefact is designed to pass the look.

It helps to be concrete about how the attack works, because the old defences quietly stopped applying. An attacker no longer needs to alter a file in place and risk leaving traces. They can regenerate a document from scratch with the values they want, produce a fresh signature on it, or take a legitimately signed file and edit it after the fact before passing it on. Metadata, the thing fraud teams once leaned on, is the easiest part to fake or strip. Inspecting the artefact tells you less every quarter; only proof tied to the original signing event holds up.

That is why the useful place to apply verification is the point of entry, not the post-mortem. KYC onboarding, vendor and supplier intake, lending applications, and contract execution are all moments where a document crosses from outside the business to inside it, and where a forged file does its damage if it gets through. Checking provenance at intake, automatically, turns verification from an investigation that happens after a loss into a gate that runs before one. The cost difference between the two is the entire fraud.

Picture a single account opening. The applicant submits a selfie, a photo of an ID, and a proof of address. Every one of those can now be synthesised: the face from a deepfake, the ID from a generative model, the utility bill from a template edited in seconds. Each artefact passes a look-test because each was built to. What no attacker can fake is a chain of custody that ties a document back to a legitimate issuer or a real signing event, which is why the defence has to shift from judging the artefact to verifying its origin.

The shape of the loss makes the case on its own. A finance team approves a payment against a supplier invoice that was regenerated with new bank details. An underwriter funds a loan on income documents that never existed. A procurement lead signs off on a counterparty whose certificate of insurance was edited after issue.

In each case, the document looked right, opened cleanly, and showed whatever badge the viewer expected. The failure was not detection at the desk; it was the absence of any way to prove the file was the one legitimately issued, before money or trust moved on it.

Provenance wins where detection cannot because it is deterministic rather than probabilistic. A detector gives a confidence score that erodes as fakes improve. A verifiable signing record gives a yes or no that does not care how good the forgery is: a regenerated file simply will not match the hash of the one that was actually signed, no matter how flawless it looks. That property does not degrade with the next model release, which is exactly what a control needs to do in an arms race.

AI Can Forge Documents in Minutes – “Looks Right” Is No Longer Enough

There is also a practical reason to prefer verification that anyone can run. A control locked inside one vendor’s platform only helps the parties who use that platform, while a bank checking a customer’s document, a regulator reviewing a file, or a counterparty validating a contract each has to be able to confirm it on their own.

Any of them can check provenance anchored to an open, public record without an account, a licence, or a support ticket. In a fraud environment where documents move between institutions constantly, verification that stops at a company boundary is a control with a hole in exactly the place attackers look for one.

What replaces “looks right” is provenance that both a machine and a court will accept. A verification that a system can run automatically at scale, and that an investigator or a judge can later reproduce independently, is worth more than any visual inspection because it does not depend on the skill of the person looking or the quality of the fake. The standard is no longer how carefully someone examined the document, but whether its integrity can be demonstrated by anyone, at any time, without trusting the party who supplied it.

For the teams running KYC, vendor onboarding, and contract intake, the practical shift is to stop treating a rendered signature as evidence. The attacker’s advantage now is generation speed, and that advantage only grows. The defender’s counter is provenance that a machine can verify and a court can accept, applied at the point where documents enter the business rather than after a loss is discovered.

In an era where a persuasive fake takes minutes to produce, “it looks right” is not a control. The control is the ability for a third party to prove the document was not altered after signing, and to do it without taking anyone’s word for it.

None of this is a burden on legitimate documents. A file that was genuinely signed carries its own proof and clears verification instantly; it is only the regenerated or altered one that fails. Adding provenance at intake does not slow the honest applicant or the real supplier, and it does not ask a reviewer to become an expert in spotting fakes that are already better than any human eye.

It simply removes the free pass that “looks right” has been quietly handing to everyone, including the fraudster who now produces convincing forgeries faster than any team can inspect them.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts