Document fraud: document types, techniques, and prevention

What is document fraud?

Document fraud is the act of intentionally altering, faking, or stealing documents then attempting to pass them off as legitimate, helping fraudsters siphon resources or inflict losses on well-meaning organizations.

So when does document fraud happen? In what processes? 

Everything from opening a bank account to applying for a loan, investing, or accessing government services require legitimate documents: ID cards, bank statements, utility bills, and official forms like W2s and paychecks.

Companies must check these submissions for fake documents to ensure that truly eligible people are accessing the services. 

Fraudsters actively do harm to organizations by providing them fake documents during these collection processes that “prove” their identity or personal information, gaining ungenuine and ungranted access to the services locked behind these document-based entry portals.

Types of document fraud

There are many different ways to create fake documents and each method requires different fraud detection techniques to successfully identify. 

To help you implement the best document fraud detection solution for your business’s unique challenges, here are the types of document fraud you’re likely to encounter.

 

Document forgery

Document forgery is making fake documents or imitating real ones entirely from scratch. Even working off a high quality example, making a believable fake can be hard. 

However, many types of documents are produced across the globe and cataloguing them all to detect for even the most basic forgeries can be challenging. 

If your document processing system is exhausted or underqualified, this basic technique can fool its way past your security.

 

Document alteration

Document alteration or document manipulation involves making changes to an existing genuine document. 

This can be as simple as modifying a name, address, or a few numbers using an image editing program. It can also be complex like adding textures or changing backgrounds to submit multiple copies of the same fake. 

It’s particularly challenging to detect this type of document fraud with the naked eye — as we highlighted in our Habito case study.

 

Identity theft or stolen documents

Often used interchangeably with identity fraud, identity theft refers to finding, stealing, or even buying someone else's personal information to use for fraud. 

This can be an extremely difficult method for traditional anti-fraud systems to flag, as the information being used—name, Social Security number, even actual copies of documents like bank statements—are completely genuine, they just aren't being used by their owner.

 

Synthetic identities

Synthetic identity fraud involves using a mix of real and illegitimate information. 

Often this combines identity theft and document forgery and/or document alteration, where a certain amount of information is stolen, like a name or credit card number.

The remaining information is then provided by the fraudster, such as a fake bank statement or a forged proof of address.

 

Template fraud

It's not hard to find ready-to-edit templates for all kinds of documents online—and one good example is Doc Juicer, the largest template farm on record. 

These can be in PDF or image format, free or paid, and exist in various qualities. While technically a form of document alteration, template farms or document mills are so prevalent and impactful that we consider them their own form of fraud. 

Watch the webinar From Template Farm to Serial Document Fraud to gain firsthand insights into how this type of fraud operates.

 

Pre-digital document modification

Pre-digital modifications begin when a document is forged and printed into a physical copy. The fraudster then photographs or scans it to digitize in an attempt to hide all signs of modification. 

This is very effective at fooling humans and less sophisticated fraud detection solutions that overly rely on metadata. However, there are several methods that can be used to prevent this kind of document fraud from scaling.

 

Generated document fraud

While still in its infancy, the growing availability and democratization of generative AI means that wholly original documents generated from scratch are starting to make their way into the wild. 

These can range from laughably bad (gibberish words on documents from non-existent institutions or countries) to eerily difficult to detect. 

While these algorithms are relatively good at faking the images, their text generation (in terms of completeness, cohesiveness, font accuracy, logo generation, etc) is still relatively rudimentary. 

 

Serial fraud

Serial fraud is an emerging but rapidly growing form of fraud that combines one or more of the methods above to identify vulnerability in an institution's controls. Then they use automation and other technologies to repeatedly exploit that vulnerability on an industrial scale.

For example, once a winning combination of forged documents successfully bypasses controls, they can generate hundreds of variants and open dozens or even hundreds of fraudulent accounts in a relatively short period of time — under the control of a single fraudster. 

Often, this form of fraud won't be uncovered unless all documents received by a company are compared against one another, as we found in our Payoneer case study.

Get a full run-down of the 8 different types of document fraud techniques and how they can fool traditional detection and prevention measures.

 

What type of document fraud is the most difficult to detect?

While all document fraud use cases are diverse and difficult to detect, there are a few that stand out to us as a fraud detection company:

 

Identity theft/stolen documents

On a document-by-document basis, this can be the toughest to catch — because the documents themselves are legitimate. However, we’ve seen success in spotting these cases when a secondary non-ID document is required — sometimes two or even three (e.g., a utility bill for proof of address).

The more supporting documents are involved, the harder it is for fraudsters to provide stolen originals for all of them, increasing the chances of catching inconsistencies.

However, it’s not always ideal to request too many documents from customers and can increase customer journey friction. If all else fails, fraud fighters can turn to additional context beyond the document itself: device intelligence, submission characteristics, user behavior — we call this a "defense in depth" approach.

This type of fraud becomes especially dangerous when executed at scale, with the same stolen identity reused across multiple applications with some tweaks—commonly referred to as serial fraud.

 

Pre-digital document modification

When done well, this is one of the hardest types of fraud to detect. These are often scanned or printed documents with no visual clues or structural anomalies. Detection software can still offer context about quality, origin, and whether the document matches expectations for a digital original.

That’s why many companies are tightening policies around document intake—accepting only original digital PDFs and enforcing stricter guidelines.

 

Template farms, generated document fraud, and serial fraud

These methods are particularly tricky—and constantly evolving. New templates, new backgrounds, new fake components, new submission tactics. Generative AI makes it even harder, enabling fraudsters to edit templates at scale and produce hundreds of unique versions quickly.

Frauds like these are tough for review teams, who rarely see the full scope. With limited visibility and often high turnover, teams may miss broader patterns until it’s too late.

Continuous, proactive monitoring is key. Sharing insights across teams—and even companies—can strengthen collective defenses. Collaboration is essential to staying ahead in the fight against fraud.

Universal document fraud red flags

While every document is different, there are some universal signs that their contents could be fraudulent. If your company comes across any of these signs during fraud document detection, you should flag the entry as problematic.

It might not be fraudulent, but is definitely worth further review. 

1. Document detail discrepancies. One clear indicator that a document is fraudulent is when the data doesn't make sense, contradicts, or is inaccurate/incorrect. This can come in many forms but some of the most common are: 

• • • Inconsistencies. If the data doesn’t match other sources or data within the document then it is probably fraud (for example: a customer address in a database doesn’t match the utility bill supplied or an address is listed differently in the same document.) 

    • Spelling errors. Official documents rarely misspell their content.

    • Math mistakes. If the figures in the document don’t add up or are misrepresented, it can be a sign of fraud. 

2. Tampering indicators. Any changes or alterations can be a sign of document fraud. False documents always need to be modified or created by the fraudsters in some way. 

• • • Visual tampering. Marks that were erased, or smudged to be harder to read, or even differences in the ink consistency. 

    • Metadata. Digital signs of document tampering include unauthorized edits, file creation data differences, software version changes, printer or scanner info, and more. 

    • Tampering before re-digitization. Changes made to a document (i.e., altering text) and then scanning it back into digital format. 

3. Anti-fraud elements. Some documents have built-in security features to help organizations detect document fraud. 

• • • Absence of anti-fraud elements. If the document is missing a watermark, hologram, or microprint that it’s supposed to have, it’s a clear indication of false documents. 

    • Poor imitations. Blurry, incomplete, inaccurate, or misaligned replications should never be accepted. 

 

4. Formatting mistakes. Formatting problems or inconsistencies in structure can also indicate fraudulent documents. 

• • • Fonts, layouts, and page set up. Differences in font, misaligned layouts, page numbering errors, improper section breaks, orientation mismatches and derivations from the norm are all indicators of document fraud. 

    • Logos and designs. Outdated, misplaced, incomplete, or fake product logos and designs. 

5. Suspicious submission behaviour. The way your users are behaving during the submission process can tell a lot about the authenticity of their document.

• • • Incomplete. If a document has missing sections, blank fields, or the client is refusing to provide requested information, it might not be a trusted document.

    • Frequent changes and updates. If the client is updating or changing the document multiple times throughout the collection process. 

    • Unusual location. If a person is submitting a foreign document for a domestic document verification process or submitting from an unusual IP location. 

6. Document quality. One of the most visual indicators of document forgery is the overall look and feel of the document. More specifically, its quality. Blurry, unrendered, or compressed images are atypical in the formal document submission process. 

• • • Photocopying. Submitting a document that is not original can be a red flag, especially when original documents are required. 

    • Low quality images/scans. Blurry or partially obscured documents can not be accurately checked and therefore cannot be detected for fraud. 

Common fake documents and how to spot them 

Some fraudulent documents are more common than others (i.e., W-2 forms, invoices, pay stubs, etc) largely because these are the documents that fintechs and other businesses request most often as verification methods. 

To help prepare you for document fraud prevention, here are some of the most common fakes and how a document fraud detection software might expose them.

 

How to spot a fake proof of address

Proof of address can be verified through a wide range of documents. Anything from fake utility bills to bank statements to Social Security award letters can suffice. Keeping up to date with every possible issuing authority is nearly impossible. 

However, logo detection that flags out-of-date designs, page layouts that don't match genuine versions, or even an unfamiliar mix of fonts can quickly uncover the ruse. 

Structural information like metadata changes, versions of the file, and even color correction can help detect forgery for new document sources without much historical context. 

 

How to spot a fake bank statement

Bank statements are essential for confirming proof of funds, proof of income, and proof of address, especially for online lenders during the underwriting process. 

More skilled fraudsters might skip document forgery and instead choose to edit PDF versions of bank account statements that can be easily downloaded from an email or banking app. 

While outwardly convincing to the naked eye, this approach leaves an obvious technological trail that the file has undergone unauthorized changes.

 

How to spot a fake W2

W2 forms are essential during tax season and are often requested by lenders and government services to verify proof of employment and other personal details. Fraudsters might present fake W2s to inflate their income or secure loans they aren't qualified for. 

Fake W2s and other standardized forms can be exposed based on inconsistencies in numbers, referencing employers or identification numbers that don't exist, or even hard-to-see details (like fields that don't align with the rest of the form). 

With growing advancements in technology, knowing how to spot a fake or forged W-2 form is essential to mitigate potential risks in income verification processes.

 

How to spot fake pay stubs

Pay stubs can be used by both individuals and companies, whether for proof of income, employment, or address or as part of bookkeeping and company administration. Fakes might be used to secure loans, cover up embezzlement, etc. 

In addition to standard checks for Photoshopped names or numbers, it's often a red flag if the document hasn't come directly from common bookkeeping software.

 

How to spot fake merchant onboarding materials

Merchant onboarding or know your business (KYB) is an even higher-stakes game than typical KYC onboarding processes, as penalties for doing business with inappropriate entities can be higher. Losses from SME lending are often much larger as well. 

Fake merchant onboarding materials like certificates of incorporation or business licenses can suffer from any of the problems noted above and/or unique issues like digitally added official stamps or notarizations.

Searching the documents for inconsistent business details, template reuse, suspicious bank account information, or metadata + file anomalies is a good place to start.

 

How to spot a fake ID

IDs are essential for most know-your-customer (KYC) processes. 

One of the primary ways fraudsters manipulate IDs is through image doctoring, altering the photo, name, or other details on the ID itself. 

This is often quite crude—letters are clearly copied and pasted from elsewhere on the card or an all-new photo has evidently been imported into the image file. 

Stolen IDs or more convincing fakes, especially those used in serial fraud rings, are often exposed by image matching and noting commonalities in uploaded ID images.

See recreated examples of document fraud in these 6 types of documents—and how Document Forensics uncovers them as fakes.

Document fraud technologies

Fighting document fraud means understanding your enemy. Staying up to date with the latest tactics and techniques can keep your institution one step ahead and secure. Here are the latest technologies criminals are using to forge documents. 

• Image and text editors. Fraudsters use software like Photoshop, Adobe Acrobat, and Microsoft Word to alter documents and replace information. 

• OCR tools. Optical character recognition can be employed to scan documents and convert them into an editable text. 

• Fake document generators. Many online generators exist (both legal and illegal) for creating seemingly legitimate recreations of official documents. Recently, large language models (LLMs) like ChatGPT have also been misused for this capability.  

• Scanning and printing equipment. Criminals need the best quality scanning and printing equipment possible to fool fraud detection systems. 

• Template farms. Many illegal domains exist on the internet for downloading document templates and using them illegally. You can even find document fraud templates on popular sites like Pinterest. 

Why is document fraud on the rise in 2025?

Altering or outright forging documents used to be a challenging and therefore relatively uncommon undertaking. Creating fake IDs, for example, was an underground cottage industry. Convincingly reproducing official forms took a good deal of artistry and often specialized equipment. 

On top of that, actually using manipulated documents carried a great deal of risk: the fraudster usually stood face-to-face with their mark and could easily be identified and apprehended if the jig was up.

In the digital age, however, the fraud scene is entirely different. The financial services we all rely on are online, either in large part or in their entirety. 

Meanwhile, image editing tools like Photoshop are available to anyone who wants them and online marketplaces abound with real documents — personal information on offer can turn up with just a simple internet search. 

Anyone anywhere can sit behind the safety of their computer screen and upload created or stolen digital documents into digital onboarding processes, fooling unprepared systems with "good enough" fakes. They can overwhelm systems with thousands of submissions at once or paint a confusing picture with a combination of real and fake information. 

Document fraud today is cheaper, easier to replicate, and simpler for anyone to attempt thanks to advances in consumer software, template farms, and companies’ digital processes.

For tech companies, business plans rely on high-automation and low-overhead operations, putting the security of their online portals at risk. Fraudsters automating their attacks at the same level is daunting. 

When trust in a brand is particularly crucial, as with financial services, even one example of an exploited vulnerability can be ruinous—just ask the instant money transfer apps struggling with Authorized Push Payment fraud today.

The good news: these same tech companies are also usually the firms best placed to implement countermeasures. Specifically designed defense systems to deal with high-volume document fraud are achievable — so long as you have the best tools available to counter it.

Document fraud legislation

Document fraud is addressed in many different laws and acts throughout the globe. Below, find a set of notable legislation from different jurisdictions, along with links to the official government sources:

 

1. European Union (EU)

 

• Regulation (EU) 2020/493 on the False and Authentic Documents Online (FADO) System: Established the FADO system for sharing information on authentic and false documents among EU member states and other stakeholders to combat document fraud.
  
  

2. United Kingdom (UK)

 

• Forgery and Counterfeiting Act 1981: Defined offenses related to forgery, including the making, using, or possessing false documents with intent to defraud.

3. United States (US)

 

• Forgery Act: Addressed the crime of forging documents with intent to defraud, including penalties for such offenses.

• False Claims Act of 1863: Initially enacted to combat fraud against the federal government, it has been amended to include provisions for whistleblower protections and fraud enforcement.

4. Canada

 

• Criminal Code – Sections 366, 367, and 368: These sections defined offenses related to forgery and uttering forged documents, including penalties.

5. Australia

 

• Crimes Act 1914: Contained provisions related to criminal offenses, including those concerning document fraud.

• Criminal Code Act 1995: Established criminal offenses, including those related to fraudulent conduct and document offenses.

6. International Cooperation

 

• INTERPOL – Identity and Travel Document Fraud: Highlighted INTERPOL's role in combating document fraud through forensic support and international cooperation.
  

• Europol – Forgery of Administrative Documents: Detailed Europol's efforts in addressing the forgery of administrative documents and related trafficking.

Who commits document fraud?

Many kinds of people can use fraudulent documents in many situations, not just career criminals as part of elaborate scams. 

Defining who uses fake documents and why helps with detecting fraud, leading to successful document fraud detection and prevention. 

Typically, document fraudsters fall into two major categories: first-party fraud and third-party fraud.

 

First-party fraud

First-party fraud is when an individual uses their own identity but alters certain details or provides misleading information. The fraudster is committing fraud in their own name and for their own benefit, usually to bypass restrictions or to take advantage of services or benefits that otherwise wouldn't be available to them. 

Example of first-party document fraud: A person inflating their income on a pay stub or account statement in order to qualify for larger loans.

First-party fraud’s mix of real and faked information makes it harder to spot.

 

Third-party fraud

Third-party fraud is when an individual assumes a completely different identity, typically by stealing someone else's personal details, creating a fictitious identity altogether, or mixing real and faked information.

Because it can impact both victims of identity theft and businesses, third-party fraud is arguably the more malicious type of fraud. 

Example of third-party document fraud: A person uses a data leak to steal someone’s personal information then uses that information, along with a fake document generator, to apply for a loan. 

The challenge with third-party fraud lies in the involvement of unsuspecting people or identities of people who have never existed at all. Without records of the people, or their own knowledge of the criminal activity, it can be hard to screen them on identity alone.

Learn more about these categories, including examples of first-party and third-party fraud fraud schemes. 

How to detect document fraud 

Companies must use a broad array of fraud detection and prevention techniques to effectively fight document fraud. These include:

• Conducting a fraud risk assessment

• Securing the KYC onboarding process

• Using document fraud detection software

• Manual reviews

• Continuous, ongoing monitoring  

By combining these techniques companies can comprehensively stop fraud altogether or at least make their businesses far less appealing to criminals.

Fraud risk assessment

Undertaking a fraud risk assessment is the first step in effective fraud risk management.

Determine: 

• The threats you're up against.

• Your unique vulnerabilities.

• Your risk tolerance.

• How potential solutions might affect the service you provide.

Clearly defining these principles should be a priority before you start implementing your fraud detection framework.

 

Securing the KYC onboarding process against document fraud

Knowing how your document intake process currently works helps to define where your strengths and weaknesses are. 

Intelligent document processors (IDPs), ID verifiers (IDVs), and optical character recognition (OCR) programs affect the type of checks your documents need to undergo as well as what you need from your fraud detection software.

 

Document fraud detection software

Artificial intelligence (AI) and machine learning can detect document fraud by analyzing metadata, visual structure, and internal integrity for signs of forgery. 

Good systems will build templates of legitimate documents to compare against incoming ones, while the best document fraud detection technologies will go beyond pre-trained classification approaches, becoming document-agnostic and detecting general anomalies in any document type.

Anomaly detection is a core mechanism. The strongest systems will also allow you to enrich those findings with signals such as customer submission behaviors, information included in forms, and other data sources to dramatically increase detections with a layered, more secure approach. 

Adopting the right AI-powered fraud detection software (like ours) will help your company detect fraud automatically. 

 

Manual review

Relying solely on human reviewers to detect document fraud in digital documents just isn't feasible, since it's usually invisible to the human eye. Basic metadata checks are manually possible, but this approach is neither effective nor scalable in the face of mass-produced forgeries and template farms. 

Currently, if you aren't relying on an AI-powered document fraud detection solution, you aren't stopping fraud.

That said, completely removing humans from the process isn't a great idea either. Quality document fraud detection software should act as a filter or an enhancement to prevent slam-dunk fraud cases from landing on a manual reviewer's desk. 

However, they must also allow for human insight on novel cases that require human expertise, creativity, and deeper investigatory attention to adjudicate whether a difficult case is fraudulent or not—and to teach the system how it should handle future instances.

 

Continuous monitoring

Continuous monitoring, or perpetual KYC, is a way to protect your business on an ongoing basis, effectively relying on multiple preventative layers to uncover threats that may have evaded fraud detection efforts elsewhere.

For example, comparing documents you've historically received to incoming ones safeguards against reused documents, identity theft, and serial fraud. Similarly, when transaction monitoring and behavioral analysis of existing customers exposes criminals, a retrospective analysis of all the documents you've collected could detect even more sleeper accounts that may have slipped through using similar patterns of document fraud.

Conclusion

As technologies advance and online transactions grow, document fraud continues to evolve in sophistication and scale. 

Traditional detection methods are no longer enough. Whether you’re battling first-party fraud, third-party identity theft, or high-volume synthetic attacks, staying ahead requires more than good intentions — you need the right defenses.

Frequently asked questions about document fraud

Hungry for more document fraud content? Here are some popular questions from around the web: 

 

What is an example of document fraud? 

There are many great real world historical examples of document fraud from Frank Abignail’s fraudulent checks that led to the Catch me if You Can film to a fake of Hitler’s diary.   

However, one of our favorite examples is from the lending industry: the Fannie Mae multifamily loan case. In this example, three investors used fraudulent documents to obtain a loan of $74 million from the Fannie Mae lending company. This exploited gaps in Fannie Mae’s lending process which they later corrected by adding enhanced oversight and stricter underwriting requirements. 

 

What is the most common method of identifying document fraud? 

The most common method of identifying document fraud is a rules-based system. Companies and institutions will develop rules libraries that define hundreds to thousands of rules for specific use cases/document types and then judge their incoming documents against this ruleset.

While relatively effective, this isn’t nearly as efficient as AI-based document fraud detection. 

 

How does AI assist document fraud detection? 

AI uses computer vision and machine learning to improve document fraud detection by analyzing documents for inconsistencies, anomalies, and signs of tampering. It can detect imperceptible details the human eye can't. It can account for unforeseen circumstances that rules-based systems can only address retroactively and continue learning and improving as an ongoing process. 

 

How does government document fraud occur? 

Government document fraud is the same as normal document fraud, but it happens with official government documents like passports, birth certificates, and driver’s licences.