But if you pay attention, the signals are there: hidden in metadata, document formatting, behavioral patterns, and sometimes, in something as seemingly benign as a search query.
At Inscribe, we believe that effective fraud prevention begins with curiosity.
Our approach, especially across our risk and product teams, involves reverse-engineering fraud tactics: studying forgery techniques, deconstructing document manipulation patterns, and using those insights to inform the detection capabilities of our AI systems.
But recently, our investigation took an unconventional path through SEO data.
While reviewing keyword trends in our SurferSEO dashboards, I noticed a series of search phrases that stood out.
These weren’t queries from customers looking for document verification tools, or underwriters learning about income analysis. They were search terms that looked more like intent signals from fraud actors themselves.
We decided to explore further.
Using search volume data from SurferSEO and on-site behavior from Google Analytics, we isolated clusters of keywords likely associated with fraudulent document creation.
Then we cleaned the data (removing clearly legitimate queries) and studied what remained.
A keyword is simply a search phrase typed into Google. But in aggregate, keywords become a behavioral dataset:
Most companies use this data to understand demand, but we can also use it to understand deception.
Below is a sample of keywords with monthly volume that reflect interest in document forgery tools—not education or curiosity.

While these aren’t inherently criminal, they mirror the tactics we’ve seen in known fraud attempts, particularly in loan underwriting and KYB use cases.
The keywords break down into four common document categories:
These mirror the document types we most frequently detect as manipulated using Inscribe’s document agents—especially in high-trust workflows like loan underwriting.
One of the more revealing signals is the structure of the search terms:
“how to make a fake bank statement”
“create your own pay stub”
“generate employment verification letter”
This phrasing is intentionally subtle. It uses the semantics of personal productivity to disguise malicious intent. It’s one of the reasons Inscribe’s detection engine doesn’t just look for anomalies—it reasons about them.
It’s easy to think of SEO as a growth function. But when used through the lens of document risk, it becomes a lens into how fraudsters think, search, and act.
At Inscribe, we’re committed to helping risk teams reason through risk—not just react to it. And that means building intelligence from every available source. We use these queries as directional evidence, not deterministic labels. They help guide red-teaming, customer training, and threat monitoring—not drive standalone decisions.
If your team is interested in leveraging more proactive detection methods (including intelligence like this), our document agents are ready to help.
Request a demo or request a free trial of Inscribe’s document agents. What will we find hidden in your document data?
Brianna Valleskey is the Head of Marketing at Inscribe, where she has spent nearly five years building the company's go-to-market engine from the ground up. She leads demand generation, SEO and AEO strategy, events, content, and marketing operations — and sits at the center of Inscribe's pipeline strategy, working closely with Sales, CS, and EPD to drive growth. She co-hosts the Good Question podcast and produces Inscribe's annual State of Document Fraud report.
Start your free trial to catch more fraud, faster.