The past year proved to be one of the most revealing yet for threat intelligence teams tracking the evolution of financial crime. Throughout 2025, sustained research and hands-on investigation uncovered just how far industrialised fraud has progressed, particularly across document forgery, account farming and GenAI-driven abuse.
According to Resistant AI, what once required technical skill or insider knowledge is now widely accessible, cheap and alarmingly efficient, reshaping the risk landscape for banks, FinTech firms, InsurTech providers and RegTech platforms alike.
One of the most striking findings of the year was the sheer scale of document fraud powered by template farms. What was previously a niche market for graphic designers has matured into an industrial supply chain offering more than 360k document templates from over 15k issuers.
These templates, sold across hundreds of websites attracting millions of monthly visits, typically cost around $28 and often much less. This surface-level visibility understates the true size of the market, as a significant proportion of activity has shifted to encrypted messaging platforms such as Telegram, where automation bots streamline ordering, payment and delivery. The result is a low-friction environment in which almost anyone can obtain a convincing fake document in minutes.
Alongside template farms, 2025 also exposed the rapid growth of the so-called “verified” account marketplace. Research revealed hundreds of thousands of account listings spanning more than 3k platforms, including traditional banks, digital banks, crypto platforms, marketplaces, freelance portals and social media services. These offerings are not limited to login credentials. Instead, they often bundle verified identities, supporting documents, contact details and even company formation services. This convergence has made serial fraud, money laundering and large-scale scam operations easier to execute, embedding fraud-as-a-service deeper into the financial ecosystem.
Efforts by law enforcement offered important signals but also highlighted systemic challenges. The FBI’s takedown of VerifTools initially appeared to be a significant win. Domains were seized and penalties issued, yet within months the operation had resurfaced, regaining traffic and users through mirrored domains and replicated infrastructure.
This pattern has become emblematic of a broader reality: professional fraud farms are designed to survive disruption. They anticipate takedowns, communicate fallback channels to customers and leverage globally distributed hosting, VPNs and anonymised identities to remain operational.
Generative AI further accelerated these trends in 2025. Advances in image generation have made fake documents visually and structurally convincing, erasing many of the flaws that once exposed forgeries.
Combined with API-driven automation, GenAI has lowered the barrier to entry for document fraud across use cases such as expense abuse, insurance scams and invoice manipulation. As these tools continue to proliferate, the pool of potential abusers is expanding at pace, forcing detection strategies to evolve beyond surface-level checks.
Finally, research into template hubs revealed an often-overlooked source of risk. Platforms such as Scribd, Issuu and Academia host vast numbers of legitimate documents uploaded by unsuspecting users. These authentic files can be easily edited and repurposed by fraudsters, turning open knowledge repositories into inadvertent enablers of financial crime. Together, these findings underline a clear message from 2025: tackling modern fraud requires continuous monitoring, layered detection and a deep understanding of how threat actors adapt at scale.
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
