A 2026 playbook for outsmarting the fraud surge

The K-shaped economy isn't the only bifurcated trend shaping the insurance landscape. Another is a surge in fraudulent claims, driven by bad actors using high-tech and low-tech tools.

On one end are hackers using AI to create convincing deepfakes. At the other end are criminals returning to old-school frauds like check forgery. Insurers, employees and policyholders are stuck in the middle, one wrong click away from triggering financial and reputational chaos.

As fraudulent claims evolve, so do the defenses against them. Let's review four of the most common fraudulent claims we see in the lumber and building materials industry and practical ways to combat them.

Fraud is rising across the board

Once rare, fraudulent claims are on the upswing. What used to occur once or twice a month now happens two-to-three times more frequently. Here are the four most common types:

1.     Voluntary parting claims
These start when a bad actor opens a line of credit or uses a stolen card, makes purchases and never pays. Voluntary parting claims are the most frequent fraudulent claim and often go unnoticed until losses pile up. Financial damages typically range between $3,000 and $15,000, although they can exceed $300,000.

Inventory loss compounds the damage. In some cases, delivery drivers are tricked into loading materials onto trucks instead of a warehouse or jobsite. Once the bad actor drives off, the materials vanish for good.

2.     Misdirection of payment claims
These stem from email spoofing. A threat actor gains access to the email account of an employee with the authority to make purchasing decisions. They study the account for weeks, track invoices, then clone an incoming invoice and change the routing number, directing funds to their own account. Once discovered, the insured must repay the vendor. Financial losses typically range between $5,000 to $6,000, although we saw one international claim a few years ago for several hundred thousand dollars.

3.     Ransomware claims
Ransomware is high profile and high cost. Attacks begin with a single malicious click that grants hackers access to internal systems. They can last days, with ransom demands typically requested in Bitcoin or another cryptocurrency. A recent report shows that the average ransomware claim costs more than $1.2 million, up from an average loss of $705,000 in 2024.

4.     Check whitewashing and forgery
As cyber awareness grows, criminals are reviving low-tech frauds. Check whitewashing — erasing the ink on a legitimate paper check and rewriting it to steal the funds – was rare for two decades but has resurged. We've seen about a half-dozen of these claims in 2025.

AI for bad, and for good

AI has made it shockingly simple for criminals to falsify documents and create deepfakes using simulated audio and video that sounds 100% real. Yet the same high-tech tools used to perpetrate fraud can also be used to catch cybercriminals red-handed.

Some life and P&C insurers are already deploying "AI vs. AI", using AI-powered fraud detection tools to analyze images and determine their legitimacy. Voice analytics tools are also being relied upon to analyze vocal patterns for signs of manipulation. As AI deception grows, these tools will become more commonplace for insurers.

Human- and tech-led fraud prevention strategies

While AI can help detect anomalies, people remain the best first line of defense for most companies.

To prevent voluntary parting claims, employees should request clear copies of a vendor's W-9 and driver's license. Staff should also perform a quick online check to ensure the buyer's company is legitimate prior to shipping materials. For instance, do they have a legitimate website? How about Google Reviews (more than a small handful of 5-star reviews, which are likely entered by the bad actors)?

Reducing misdirection of payment risks also requires human intervention. Companies should establish two verification policies. First, they should require employees to confirm a vendor's routing number change by phone – not email – before issuing payment. The reason a call should be made versus using an email is the bad actors may end up answering your email and verifying any changes made. Secondly, they should work with their bank to require executive sign-off for large purchases. If potential fraud is detected, staff should alert the vendor that their email system may be compromised.

Minimizing check whitewashing and forgery goes back to some tried-and-true practices, such as keeping checks in a locked box or drawer upon receipt. Checks should never be left out in the open on an unattended desk or area.

Preventing ransomware attacks, meanwhile, is an ongoing battle. Robust employee training is essential for raising awareness of social engineering and phishing scams. An effective strategy is to conduct monthly mandatory cyber training and testing along with periodic, unannounced simulated phishing campaigns. When someone clicks a simulated phishing link, deliver in-the-moment training to prevent similar mistakes in real life.

To protect their networks overall, insurers and their clients should work toward zero-trust security. Such a posture operates on the principle of least privilege, which means users are given the minimum access to systems necessary for their daily work. Implementing multi-factor authentication (MFA) – requiring more than one form of verification to access a system – is a good way to jumpstart the journey. It's easy to integrate and users pick it up instantly because they already use it in their personal lives.

Fight back against fraudsters

Non-stop vigilance is required to curb the recent rise in fraudulent claims. Raising employee awareness and investing in fraud detection tools create a strong combination that can save insurers and their clients from financial loss and reputational damage.