Any organisation that issues digital documents like invoices, diplomas, or signed contracts with employees, partners, or suppliers faces growing exposure. AI makes it increasingly easy for attackers to fabricate identities or alter documents without being detected.
For invoices, contracts, approvals, government certificates, and education credentials, however, cryptographic measures work reliably.
This overview presents six documented threat scenarios from the DACH region and explains how qualified electronic signatures (QES) and regulated seals provide protection.
1. Employment Contracts with No Real Person
- Fabricated identities pass the application, video interview, and reference check
- Salary flows to the attacker; system access enables data theft
- QES requires a verified identity and makes synthetic signatories impossible
Documented case (DACH, 2024–2025): Germany's domestic intelligence agency (Bundesamt für Verfassungsschutz, BfV) confirmed that German companies hired North Korean IT workers using fabricated identities. In late 2024, Google Threat Intelligence identified an individual operating with at least twelve personas across Europe and the United States, some with invented degrees from European universities. → Google Threat Intelligence Group, April 2025 · Infosecurity Magazine
In 2025, Pindrop received over 800 applications for a single job posting. A deep analysis of 300 profiles found that more than one third were entirely fabricated. CEO Vijay Balasubramaniyan reported 16.8% fake applications overall. → Pindrop: Deepfake Candidates, 2025
How AI makes this worse: Previously, an attacker needed a stolen identity and nerve. Today, generative AI tools provide the complete package: photo, CV, portfolio, diploma scan, reference letter, and a real-time deepfake face for the video interview.
What's at stake:
- Salary paid to non-existent persons
- Data theft, IP loss, malware infiltration via authorised accounts
- Liability exposure and reporting obligations for regulated roles. In North Korean cases: inadvertent sanctions violations.
2. Doing Business with Strangers
- Attackers impersonate a known partner or supplier via deepfake call or compromised email account
- New contracts, powers of attorney, or payment instructions divert payments or deliveries
- QES ties every signature to a certificate-based, verifiable identity
Documented case (Switzerland, January 2026): An entrepreneur from the canton of Schwyz transferred several million francs to Asia over two weeks. Instructions came via phone call from an apparent business partner whose voice had been cloned using AI. The fraud was only detected after multiple transactions. → SRF, January 2026
Historical reference case: FACC AG in Austria lost €42 million in 2016 via fake CEO emails. Only €10.8 million was recovered, nine years later. → SecurityWeek on the FACC case
How AI makes this worse: The FACC attack required weeks of reconnaissance and relied on email. Today the same attack runs in real time: a cloned voice on the phone, a deepfake video conference with multiple apparent executives (Arup case: US$25.6 million). Public LinkedIn and conference videos provide the training material for free.
What's at stake: Payments to fraudulent accounts, disclosed confidential information, contracts open to challenge, liability towards the real business partner, strategic position losses.
3. Insurance Fraud Through AI
- Policies are issued to synthetic identities
- Claims use AI-generated damage images, expert reports, and invoices
- Benefits flow to fabricated or unauthorised recipients
- QES on policies binds the policy to a verified insured person; seals on expert reports and invoices prove origin
Documented case (Germany, 2024–2025): A German pet health insurer saw multiple fraudulent claims for canine operations substantiated with AI-generated X-ray images and forged invoices. Martin Sondenheimer of Neuramancer AI Solutions confirmed the cases to Finanzwelt magazine. → Finanzwelt, 2024
Allianz UK recorded a 300% increase in AI-manipulated damage photos in motor insurance between 2023 and 2024. → Auto Express, Allianz UK analysis
How AI makes this worse: Previously, insurance fraud required staged damage events or crude image manipulation. Today, diffusion models generate photorealistic damage from harmless images; synthetic identities take out policies for non-existent persons. The GDV estimates total annual losses in Germany at over €6 billion. → GDV on insurance fraud
What's at stake: Direct payout losses, higher premiums for honest customers, regulatory risks, reputational damage. With synthetic policies: you are insuring people who do not exist.
4. Manipulated Invoices
- Attackers intercept emailed invoices and replace only the IBAN in the PDF
- Sender, layout, and content remain identical; the payment reaches the fraudster
- A seal on the invoice proves the document's origin and integrity
Documented case (Germany, 2025): A roofing company was due to invoice €27,000. During the owner's holiday absence, attackers gained access to the email inbox, replaced the IBAN in the PDF, and forwarded the manipulated invoice. Only an attentive accounts clerk prevented the payment. → Diebewertung.de, September 2025 · Borncity, August 2025
The IHK Bodensee-Oberschwaben warned of a wave of such cases with individual losses exceeding €100,000. → IHK Bodensee-Oberschwaben
How AI makes this worse: Previously, invoice manipulation required design skills for layout and fonts. The malware-as-a-service provider GXC Team (discovered in 2023) sells an AI tool that automates IBAN replacement with perfect layout preservation in seconds, for $2,000 per week. Invoice fraud has become an industrial service. → TechNode Global on the GXC tool
What's at stake: Direct revenue loss, payment dispute with clients, damaged client relationship, reputational harm through association with a fraud incident that a seal would have prevented.
Regulatory context:
- Mandatory e-invoicing in Germany: obligation to receive e-invoices since 1 January 2025; obligation to send from 1 January 2027 for companies with turnover above €800,000, from 1 January 2028 for all. → BMF FAQ on e-invoicing
- EU ViDA: EU-wide mandatory e-invoicing for cross-border B2B transactions from 1 July 2030. → Wirtschaftskammer Österreich
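What "proves the document's origin and integrity" means for the IBAN swap described in this section, as an added example (not SwissSign's code or product): a detached RSA signature made with the `openssl` CLI stands in for an embedded PDF seal, and the keys, file names and IBANs are constructed for the illustration.

```bash
#!/usr/bin/env bash
# Added illustration: a detached RSA signature stands in for an embedded PDF seal.
# All keys, file names and IBANs below are constructed for this example.
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

new_key() {  # new_key NAME -> NAME.key (private) and NAME.pub (public)
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$work/$1.key" 2>/dev/null
  openssl pkey -in "$work/$1.key" -pubout -out "$work/$1.pub"
}

seal() {  # seal KEYNAME FILE -> writes FILE.sig
  openssl dgst -sha256 -sign "$work/$1.key" -out "$2.sig" "$2"
}

# Accept only if FILE.sig verifies under the given public key.
check_invoice() {  # check_invoice PUBKEY FILE -> prints ACCEPT or REJECT
  if openssl dgst -sha256 -verify "$1" -signature "$2.sig" "$2" >/dev/null 2>&1
  then echo ACCEPT; else echo REJECT; fi
}

new_key issuer      # the supplier's sealing key
new_key stranger    # any key that is not the supplier's

# Constructed invoice; plain text stands in for the PDF bytes.
printf 'Invoice 2025-001\nAmount: EUR 27000\nIBAN: DE00 1111 1111 1111 1111 11\n' \
  > "$work/invoice.txt"
seal issuer "$work/invoice.txt"

# Same layout, only the IBAN differs; the original seal travels with it.
sed 's/^IBAN: .*/IBAN: XX00 9999 9999 9999 9999 99/' "$work/invoice.txt" \
  > "$work/altered.txt"
cp "$work/invoice.txt.sig" "$work/altered.txt.sig"

# Altered file re-sealed with a key that is not the issuer's.
cp "$work/altered.txt" "$work/resealed.txt"
seal stranger "$work/resealed.txt"

pinned="$work/issuer.pub"   # obtained out of band, not from the e-mail
echo "genuine:            $(check_invoice "$pinned" "$work/invoice.txt")"
echo "altered, old seal:  $(check_invoice "$pinned" "$work/altered.txt")"
echo "resealed, pinned:   $(check_invoice "$pinned" "$work/resealed.txt")"
echo "resealed, any key:  $(check_invoice "$work/stranger.pub" "$work/resealed.txt")"
```

The last line is the case to watch for: a signature that verifies only under a key delivered with the document says nothing about origin, so the verifier has to check against an issuer key or certificate chain it already trusts.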
5. Forged Diplomas and Educational Credentials
- Attackers generate diplomas using your institution's name and layout
- These are used for job applications, access to sensitive systems, or identity fraud, undermining your legitimacy and the trust placed in you
- A seal makes every authentic diploma cryptographically verifiable
Documented case (Switzerland + international): Switzerland's SDBB warned of apprenticeship certificates generated via a foreign website; a federal job applicant was exposed after presenting a fake diploma. → 20 Minuten
Google Threat Intelligence documented invented degrees from European universities, including the University of Belgrade, in the North Korean fake IT worker schemes. → Google Threat Intelligence Group
How AI makes this worse: Previously, forging a diploma required access to templates or design expertise. Today, a single scan of a genuine certificate serves as the template. Generative AI replicates layout, fonts, seals, and signatures in minutes. For digital PDFs, the barrier is even lower, as there is no physical paper to fake.
What's at stake: Every forged diploma bearing your name erodes employer trust and devalues the credentials of your genuine graduates.
Emerging credential ecosystems (European Digital Identity Wallet, Swiss e-ID) will exclude diplomas that cannot carry a seal.
6. Official Certificates
- Certificates of residence, commercial register extracts, and debt enforcement register extracts are forged to open bank accounts, apply for credit, or register companies
- Your authority is uninvolved, but its logo and layout appear on the document
- A seal makes every genuine certificate verifiable and forgery-proof
Documented case (Germany, 2025): Hamburg's district court warned in 2025 of a nationwide wave of fraud involving forged court fee invoices following commercial register entries. The fake invoices carried state coats of arms, official court layouts, and fictitious fee items. On a single day, the court received around 60 undeliverable returns. In documented individual cases, fraudsters demanded €1,873 and were often faster than the genuine court billing office. → Justiz Hamburg: Bundesweite Betrugswelle, 2025 · Graf-Detzer Rechtsanwälte, January 2025
How AI makes this worse: Physical official documents carry security features (watermarks, embossing, special paper). Digital PDFs often do not. The Hamburg cases show that attackers replicate court formatting so precisely that even attentive recipients only detect the fraud when they notice the foreign IBAN. With generative AI, this quality becomes the standard, and fraudsters often reach recipients before the genuine authority does, thanks to automated register monitoring. When authorities transition from paper to digital issuance, physical security features are removed without replacement unless a seal is added.
What's at stake: Loss of trust in digitally issued documents. Banks, insurers, and employers revert to demanding paper originals and in-person verification, defeating your e-government strategy. Your authority's reputation is damaged by documents you never issued.
This article reflects the views of SwissSign and does not constitute legal advice.