Fraud officially crossed the digital divide in 2024, as digital document forgery surpassed physical counterfeits for the first time. According to Entrust’s 2025 Identity Fraud Report, digital forgeries accounted for 57% of all document fraud. Digital document forgeries are growing at an annual clip of 244%. That’s a major contributor to a global cybercrime tab that’s expected to reach $10.5 trillion this year.
Senior fraud expert Simon Horswell said fraudsters continually adjust their tactics, so financial institutions must, too. One adjustment some struggle with accompanies the digital shift. As the pressure for convenient onboarding increases, more are allowing uploaded images. That opens the door to additional fraud types like virtual camera injections that can be waged via an app.
“We’ve seen this big swing from well physical counterfeits,” Horswell said. “This switch means that physical counterfeits are down about 30% and digital forgery, or digital manipulation of an image of a genuine document, which was probably at 16% at the last count, suddenly jumped up to 52%.”
“This comes a year after we saw a similar kind of spike or shift with biometrics. In 2022-23, we saw a significant shift towards using deep fakes with biometrics. We saw a 3,000% increase. We went from like hundreds of attacks using deep fakes to tens of 1000s. The following year, we saw digitally manipulated images of documents.”
How geography influences fraud
Fraudsters’ tactics change with geography. Many factors contribute to this, beginning with regional attitudes to friction. The European Union seeks a balance between security and reduced friction, while the USA prioritizes onboarding with as little friction as possible.
“Just using SSN as a way of identifying someone, for example, which leaves you wide open to synthetic identities if you’re not trying to bond that identity somehow,” Horswell said. “The approach we’ve always had in Europe with remote identity verification has been, let’s have your government-issued document, and then I can verify that in and of itself. Then, let me bond that to your identity by you presenting some form of biometrics so I can prove that you are the owner of the document that I’ve just verified.
“But that seems to have taken a lot longer to find a foothold in the States.”
Horswell suspects that GenAI has helped many realize the significant threats they now face, like synthetic identities. Bots can fill in forms at scale to simplify large-scale attacks. If the impediments are weak, the target is more attractive.
Document quality is another issue. Some of the most popular counterfeited documents globally are India’s tax ID, Pakistan’s and Bangladesh’s national ID cards, and France’s passport. Horswell said document quality is partially a factor of what it is used for. Internal documents have lower standards than passports, which must satisfy global security thresholds. In some cases, funding shortages lead to digital documents, which users must print out at home.
Crypto, Fiservs are the top 3 fraud targets
This should be of particular concern to financial services sectors, which occupy the three most targeted industries in 2024. Cryptocurrency companies saw fraudulent activity attempts rise 50% from 6.4% in 2023 to 9.5% in 2024.
Yet, many institutions use older systems. They struggle to adapt as technology innovates faster than they can adjust.
Horswell recognizes that because he must constantly adapt to keep the criminals out. Detection systems are constantly trained to detect innovations like digital masks. Computer vision can recognize human eye distortions. Other tactics can be identified via frame-by-frame analysis.
“Training your system to spot it visually is one way, but hand in hand with that, you have to look at the non-visual elements, the passive elements around it,” Horswell said. “As the systems get better at spoofing the visual effects, there are still going to be clues and breadcrumbs in the coding, in the data that comes with that media package.”
And nothing is foolproof.
“What I try to do with my team is to push the detection point further up the chain, try and find out the more indelible things, the ones that can’t be edited, that can’t be tweaked, can’t be hacked, that are going to be very difficult to spoof. So it’s just trying to push the frontier as far back as you can in the chain to ensure that you’re protected, more reliable.”
Some elements may be unalterable now, but not down the road. Horswell said fraudsters use developer tools and constantly seek end-arounds. They subtly alter documents to see if they evade detection. That’s leading compliance authorities in the EU to push for video assessments.
Horswell suggests that this could force criminals back to higher-quality fakes, like the ones designed to fool border control officers. That creates a problem for them, as it’s expensive and doesn’t scale like remote verification does.
Cryptocurrency companies, lenders and traditional banks are the most popular fraud targets. Horswell said TradFi is well-prepared as it’s highly governed and has been fighting fraud forever.
Cryptocurrency players should look to TradFi, because the popular they become, the higher the compliance expectations they’ll have to meet.
Financial services fraudsters often create sleeper accounts, which are later used for money laundering. Some accounts are sold online to other criminals. Lenders are more subject to scaled attacks as criminals seek the big score.
The push for change
These trends have many discussing re-authentication at high-risk moments. Horswell said everyone is realizing the flaws with one-time passwords.
If institutions can tie someone to a biometric, there should be minimal friction during the next interaction.
Self-sovereign IDs are on the way, but how soon is debatable. Horswell believes they’ll be government-run, but that raises questions. Who’s paying for the onboarding? Who’s verifying?
“It’s clearly on the horizon, but how close are we to the horizon as an industry?” he asked. “All of us are trying to gear up for it, but you need that first one so that you’ve got something to aim for.
“The interoperability, how this is all going to work, is going to be a key factor as well.”