Fraud in Private Lending: How Lenders Get Targeted and What Actually Stops It

Lending fraud is at historically high levels and rising. The post-pandemic combination of cheap AI, aging borrowers more familiar with technology than ever, sophisticated voice-cloning tools, and a hundred thousand new fraud channels operating from inside and outside the United States has produced an environment in which every private lender — regardless of size — is being actively targeted. The Federal Trade Commission and SBA Inspector General estimates of fraud losses since 2020 run into the hundreds of billions of dollars across the U.S. economy. Lending fraud is a meaningful slice of that.

For a private lender, fraud is not a hypothetical risk. It is an operating cost. The lenders who do not lose meaningful capital to fraud are the ones who have built deliberate prevention into the underwriting and closing process. The lenders who do lose money usually share a common pattern: trust signals that turned out to be fabricated, file documentation that wasn’t independently verified, and an underwriting process that compressed time at the wrong points.

This guide walks through the fraud tactics private lenders are actually facing in 2026, the practical prevention controls that work, and what to do when fraud surfaces in the portfolio.

How Lending Fraud Actually Reaches a Lender

Fraud in private lending arrives through a relatively short list of channels:

Voice cloning and AI-generated communications. A few seconds of audio — often pulled from publicly available video, podcasts, or social media — produces a convincing voice clone. The clone is then used to call a lender’s loan officer, impersonating a borrower or a borrower’s authorized representative, requesting changes to wiring instructions or authorizing disbursements. The voice sounds correct because it is, in the literal sense, the borrower’s voice. The fraud is in who is operating the audio.

Email impersonation and Business Email Compromise (BEC). A subtle variation of an email address — a substituted character, a different top-level domain, a near-twin spelling — combined with a familiar tone and signature block produces a message that appears to come from a known counterparty. BEC is the largest single channel of fraud loss in U.S. business by FBI estimates, and it routinely targets escrow wiring instructions in real estate closings.

Fake supporting documents. Pay stub templates, tax return generators, bank statement editors, and AI-driven document forgers are widely available. A motivated fraudster can produce a fully internally consistent income and asset package that looks authentic to a casual review. Underwriting that relies on borrower-provided documents without independent verification is increasingly exposed to this category of fraud.

Identity theft — both synthetic and real. Synthetic identity fraud combines real and fabricated information to create a borrower who does not exist but has a credit profile, an address history, and apparent employment. Traditional identity theft uses a real person’s information (often without their knowledge) to apply for credit in their name. Both produce loans the lender originated to a counterparty who is, in legal terms, no one.

Mail theft and document interception. A 300-percent increase in postal employee robbery since 2017 reflects a specific underlying tactic: the high-value target is the arrow key that opens cluster mailboxes in apartment buildings, dormitories, and condo communities. With one arrow key, a fraudster opens hundreds of mailboxes in a single building. Closing documents, recorded deeds, debit cards, and account statements all become available.

Straw purchases and sponsor fraud. A “buyer” appears to be acquiring property — but the actual purchaser is a different party concealed behind the straw, often using the fraud to layer money or to defraud a co-investor. Loans originated against straw-buyer transactions can be voidable, and the lender may discover the structure only when the actual purchaser surfaces post-closing in litigation.

AI-driven scaled fraud. Tools that write convincing borrower narratives, generate synthetic property images, fabricate market analyses, and produce fake comparable sales data are now widely accessible. These tools allow fraudsters to scale operations that previously required expert craftsmanship.

The Prevention Controls That Actually Work

Across lenders who run substantial volume without significant fraud losses, a small set of controls recurs. The pattern is more about discipline than about sophistication:

Independent Document Verification

Every income document, asset statement, and property document the borrower provides should be verified against an independent source:

• Tax transcripts directly from the IRS. Form 4506-C signed by the borrower authorizes the lender to pull transcripts directly from the IRS rather than relying on borrower-supplied returns.
• Bank statements verified through aggregation services. Plaid, Akoya, and similar account-verification services confirm balances and transaction history without relying on PDF statements that can be edited.
• Employment verification through The Work Number, payroll service, or direct employer contact. Avoid relying on borrower-provided pay stubs as the sole evidence of employment.
• Property valuations from independent appraisers selected by the lender. Borrower-introduced appraisers create alignment problems even where no fraud is intended.

The principle: do not trust borrower-supplied documents when the lender can directly source the underlying information.

Wire Transfer Discipline

The single most preventable category of loss is wiring fraud. Effective controls:

• Verbal verification of every wire instruction change. Every change to wire instructions — even small ones — must be verified by phone with a known counterparty using a phone number from the lender’s records, not from the email containing the change.
• Multi-person authorization for wires above defined thresholds.
• Wire-recall protocols with the lender’s bank, including a published internal procedure for the first hour after a fraudulent wire is identified.
• Two-channel confirmation. A wire instruction received by email should be confirmed by phone; a wire instruction received by phone should be confirmed against records held in writing.
• Skepticism about urgency. Fraudsters use time pressure to short-circuit verification. Any wire request that comes with “this needs to happen today” or “the borrower is going to lose the deal” should trigger increased scrutiny, not relaxed controls.

Identity Verification at Origination

Fraud prevention at the borrower level requires layered verification:

• Government ID verification through a service that detects forgery and confirms the document is authentic.
• Knowledge-based authentication (KBA) questions drawn from credit bureau data, not borrower-provided information.
• Synthetic identity screening using services that flag combinations of SSN, name, and address that don’t have a coherent history.
• Biometric verification where the loan size or risk profile justifies it.
• In-person notarization for closings, with caution about remote online notarization (RON) where the verification process is weaker than in-person.

Title and Closing Controls

Real estate closings are a primary fraud target because they involve large wire transfers, complex documentation, and multiple parties:

• Closing protection letters (CPLs) on every transaction where an authorized agent — not the underwriter directly — is conducting the closing.
• Bonded and insured closing agents. Verify the agent’s E&O coverage and any state-required bonding.
• Direct lender-to-title-company communication on closing instructions and wire details, not relayed through the borrower or borrower’s counsel.
• Tracking of disbursement against closing instructions. Reconcile the actual settlement statement to the closing instructions before authorizing wires.

Underwriting Skepticism

A few process habits that catch fraud:

• Sit with anomalies. A pay stub that shows perfect rounding, a bank statement with zero ATM activity, an income that exactly matches the underwriting requirement — each is a soft signal worth a second look.
• Cross-check identifiers. SSN should be consistent with name and DOB across documents. Property address should match in all documents (including utility bills). Employer name should match across pay stubs and tax returns.
• Verify the property exists and matches the description. A drive-by, an aerial image, or a verified address lookup catches the rare but high-loss “non-existent property” fraud.
• Independent comparable sales. Don’t rely on borrower-supplied comps for valuation.

What to Do When Fraud Surfaces

Fraud detection in a lending portfolio rarely produces a clean path. The lender’s response affects both recovery prospects and the development of the loss:

Immediate Steps (Hours, Not Days)

• Stop any pending disbursements. If the fraud is detected pre-closing or pre-disbursement, the loss can sometimes be avoided entirely.
• Initiate wire recall if a fraudulent wire has gone out. Banks can sometimes reverse wires within the first 24 to 72 hours; after that, recovery becomes much harder.
• Document the discovery. Time-stamped notes, screenshots of fraudulent communications, and copies of altered documents should be preserved immediately. The investigation is downstream of the documentation.
• Notify the bank, the title company, and any other counterparties in the transaction.

First-Week Steps

• File reports with law enforcement. The FBI’s Internet Crime Complaint Center (IC3), local FBI field office, and state attorney general’s office should all receive reports for serious fraud. Recovery rates from law enforcement are honest about the fact that they’re modest, but reports are sometimes consolidated into broader investigations that produce results.
• Notify insurance. Crime, fidelity, and cyber insurance policies may respond to certain fraud losses. The notice clock typically runs short, so notify early even if the coverage analysis isn’t complete.
• Engage counsel. Legal options include civil fraud claims (which require proof of misrepresentation, materiality, reliance, and damages), restitution requests in any criminal proceeding, and possibly claims against third parties whose negligence enabled the fraud (title companies, escrow agents, banks).

Realistic Expectations About Recovery

A few realities about fraud recovery that lenders should plan around:

• Law enforcement enforcement of lending fraud is variable. Many cases are treated as civil disputes rather than criminal matters, particularly for fraud below high-dollar thresholds.
• Civil judgments against fraudsters are often uncollectible. A judgment against an offshore fraudster who used a stolen identity is functionally a piece of paper.
• Insurance recovery depends heavily on policy terms. Read the policy before claiming; some coverage requires specific factual patterns to respond.
• Prevention is the highest-ROI investment. Every dollar spent on fraud prevention controls returns multiples in losses avoided.

Where Geraci LLP Helps

Geraci LLP’s banking and finance and litigation teams work with private lenders on fraud prevention and response — closing-instruction controls, wire-fraud protocols, fraud-related civil litigation, recovery efforts against fraudsters and third parties, and insurance-claim support. The firm also reviews lending platforms’ overall fraud-prevention posture and recommends improvements based on actual loss patterns observed across the private lending market.

If you have detected fraud in your portfolio, are tightening your fraud-prevention controls, or are pursuing recovery on a fraud-related loss, contact Geraci LLP.