TL;DR: AI-enabled document fraud rose 456% between May 2024 and April 2025 in TRM Labs data, while Microsoft Cyber Signals says attackers are using AI to scan company information and generate convincing fake documents, storefronts, and phishing content. The governance gap is no longer document quality alone, but the authenticity and trust checks that verification programmes must enforce.
NHIMG editorial — based on content published by GlobalSign: AI document fraud and the role of digital signatures in trust and security
By the numbers:
- The platform of open-source fraud reports from TRM Labs shows that AI-enabled scams increased 456% between May 2024 and April 2025.
Questions worth separating out
Q: How should organisations verify documents that may have been generated with AI?
A: They should verify issuer identity, check digital signatures or seals, and require workflow-based approval before a document can create trust.
Q: Why do AI-generated documents create identity risk as well as fraud risk?
A: Because documents often act as evidence inside identity, onboarding, and approval workflows.
Q: What do teams get wrong about digital signatures and trust?
A: They often assume that authenticating the user is enough to trust the device that performs signing.
Practitioner guidance
- Implement cryptographic document validation Validate digital signatures and seals automatically at intake for invoices, contracts, certificates, and identity records so a forged file cannot enter the workflow as trusted evidence.
- Separate document review from trust decisions Require issuer verification, policy checks, and approval thresholds before a document can trigger account creation, payment release, or privileged access.
- Harden onboarding and vendor workflows Add step-up review for any document that affects identity proofing, third-party access, or financial authorization, especially when the evidence originated from email or QR code.
What's in the full article
GlobalSign's full article covers the operational detail this post intentionally leaves for the source:
- Practical examples of how digital signatures and digital seals are used to verify authenticity across documents and messages.
- Specific use cases across government services, finance, corporate communications, academia, and supply chain documentation.
- The source article's discussion of how signatures help preserve brand trust and reduce document fraud exposure.
- Further examples of preventive measures, including security awareness and verification practices that complement cryptographic controls.
👉 Read GlobalSign's analysis of AI-generated document fraud and digital signatures →
AI-generated document fraud: are verification controls keeping up?
Explore further
AI document fraud is now a verification governance problem, not a design edge case. When attackers can create believable documents at scale, the control question shifts from how realistic the file looks to whether the organisation can prove origin and integrity. Identity verification teams, onboarding teams, and compliance owners all inherit the same burden: trust must be earned cryptographically or procedurally, not visually. The practitioner implication is to treat document authenticity as a governed control plane.
A question worth separating out:
Q: Who is accountable when forged documents drive a bad access or onboarding decision?
A: Accountability should sit with the process owner that allowed the document to act as proof, not only with the reviewer who missed the forgery. Identity, fraud, and business process owners all need clear control ownership so validation requirements are enforced before a decision is made.
👉 Read our full editorial: AI document fraud is forcing stronger identity verification controls