PDFraud: The Scams Hiding in Plain Sight

PDFs are everywhere: contracts, invoices, tax forms, closing documents, and onboarding packets. They look official, they feel legitimate, and that familiarity is exactly what scammers exploit. To understand the true cost of document-based fraud, we analyzed FBI IC3 crime data and mapped reported losses to common PDF-related fraud scenarios, drawing on threat intelligence research to identify where PDF delivery can be a primary attack vector. 

What we found puts a dollar figure on just how much trust in a file format can cost. We also surveyed 1,000 Americans to understand how document-based scams work, why they succeed, and what they're actually costing people. For anyone who sends, receives, or approves documents at work, the findings are worth a close look.

When a PDF lands in your inbox, it carries an implicit layer of trust, and scammers have learned exactly how to exploit it. The numbers behind that exploitation are significant. Below, we identified common PDF-related fraud scenarios and mapped them to FBI IC3 crime categories. 

Cyber-enabled fraud cost Americans $17.7 billion in reported losses in 2025, accounting for 85% of all cybercrime losses reported to the FBI. Among PDF-related fraud scenarios we identified, fake invoice and vendor impersonation schemes, along with spoofed e-signature requests, were mapped to the FBI's Business Email Compromise category and represented the costliest threat to victims, with BEC losses totaling $3.05 billion in 2025.

Credential-harvesting PDFs, which we mapped to the Personal Data Breach category, accounted for $1.31 billion in reported losses. These documents are designed to look like routine account verification requests, tricking recipients into entering login credentials through official-looking PDF forms or embedded links.

AI-assisted fraud, which can involve fake forms and official-looking PDF documents, generated $893 million in losses in 2025. As AI tools make it easier to produce convincing counterfeit documents at scale, the line between a legitimate PDF and a fraudulent one continues to blur.

Email was the single most common way fraud victims were contacted, generating 371,651 reports and $502 million in losses, which was more than any other contact method tracked by the FTC. This matters for PDF fraud specifically because email is a major delivery vehicle for malicious attachments.

Despite leading in report volume, email produced comparatively lower total losses than several other contact methods, suggesting that PDF-based email scams succeed through scale and reach rather than high per-victim extraction. Social media generated the highest total contact-method losses at $1.9 billion from fewer reports, indicating that when scams migrate off email and onto other platforms, individual losses tend to be significantly higher.

Knowing that document scams exist is one thing. Understanding exactly how they pull people in, and what happens after, tells a different story.

Nearly half of working Americans encountered a suspicious or fraudulent PDF in the past year, and nearly 1 in 5 of those who received one acted on it before realizing something was wrong. Here are the actions they took:

• Clicked a link inside the document (44%)

• Downloaded or opened it (38%)

• Submitted personal information (17%)

• Signed or electronically agreed to something (11%)

• Made a payment (5%)

Nearly 1 in 4 people (24%) who acted on a fraudulent PDF lost money as a result, with a median loss of $150. Credit card was the most commonly requested payment method at 34%, followed by debit card or bank transfer at 28%, payment apps such as Venmo or Zelle at 22%, cryptocurrency at 13%, and gift cards at 13%. Despite the financial stakes, 15% of people who acted on a suspicious PDF never reported it to anyone.

The data makes clear that visual trust cues do most of the heavy lifting for scammers. Familiar logo or branding was the top reason victims said the document seemed legitimate, cited by 54% of those who acted on a fraudulent PDF. A known sender name followed at 39%, with arrival via a trusted platform cited by 24%. Urgent language and professional grammar each drove 23% of victims to comply.

Top Scam Types Americans Have Encountered

1. Fake shipping or delivery form requesting personal details (52%)

2. Fraudulent PDF invoice requesting payment to an unfamiliar account (44%)

3. Spoofed e-signature request (20%)

4. Fraudulent contract or legal agreement (20%)

5. Fake PDF converter or editing tool requesting payment or info (15%)

Most people believe they can spot a fraudulent document. The habits behind that confidence tell a more complicated story.

Three in four respondents said they are confident they could spot an AI-generated PDF, yet 78% also agreed that AI has made it harder to tell a fake document from a real one. The tension between those two responses captures something important: awareness of the threat hasn't translated into skepticism at the moment of action.

 Nearly two-thirds of respondents (64%) had received some form of workplace training on document fraud, and those who had were more likely to feel confident in their ability to identify a fake.

The AI angle runs in both directions. While 46% of respondents said they have used an AI tool to generate or edit a document for work at least sometimes, 26% said they have used AI to help determine whether an email or document was legitimate or a scam. Nineteen percent admitted to submitting an AI-generated or AI-edited document to their employer for reimbursement or approval at least sometimes, a figure that raises its own questions about document verification from the inside out.

Even so, 37% of professionals said their employer has no policy for verifying a PDF before processing payment, meaning that for more than a third of workers, there is no established protocol to fall back on when something suspicious arrives. Even among the most routine document types, a meaningful share of people rarely or never verify the sender before acting.

PDF fraud works because it borrows the trust people already have in familiar formats, logos, and sender names. The data from this study makes one thing clear: confidence in your ability to spot a fake and actually catching one in the moment are two very different things. Building a habit of verification, even a quick one, before clicking, signing, or paying is one of the most practical defenses available. For organizations, establishing a documented process for PDF verification should be a priority.

Methodology

Loss figures are drawn from the FBI IC3 2025 Internet Crime Report and reflect the total reported losses for each IC3 crime category. These categories do not specifically identify PDF as a delivery mechanism. 

The classification of each crime type as PDF-related fraud is inferred based on corroborating sources including FBI guidance on Business Email Compromise, an HHS sector alert on DocuSign abuse, threat intelligence from Proofpoint and IBM X-Force, IRS fraud guidance, and IC3 public service announcements, which document PDF-based delivery as a primary or common vector for each fraud type. FTC contact method data is sourced from the FTC Consumer Sentinel Network 2024 fraud reports.

Smallpdf surveyed 1,000 Americans who work full or part-time to better understand their experiences with fraudulent digital documents and their habits around PDF verification. The survey was conducted in May 2026. Respondents were 53% women, 46% men, and 1% non-binary or another gender identity. Generationally, respondents were 53% millennial, 27% Gen X, 15% Gen Z, and 5% baby boomer. 

Some questions were asked only of respondents who reported receiving a suspicious or fraudulent PDF in the past 12 months; percentages for those questions reflect that subgroup. Questions that allow multiple selections are noted where applicable, and percentages for those questions are based on the total number of respondents who answered rather than total selections.

About Smallpdf

Smallpdf is a leading online document platform trusted by millions of professionals, students, and businesses to create, convert, compress, sign, and manage PDF files quickly and securely. As PDF-based fraud becomes increasingly sophisticated, Smallpdf's suite of tools helps users handle files with greater confidence and control. Whether you're sending a contract, reviewing an invoice, or managing onboarding documents, Smallpdf makes it easier to work with documents safely.

Fair Use Statement

The data and findings in this article are available for noncommercial use. If you reference or republish this content, please include a link with proper attribution to Smallpdf at smallpdf.com.