Data Laundering in Enterprise Advisory: GPTZero Audit Reveals Widespread Citation Hallucination in EY Canada Report
An automated audit by GPTZero has revealed that EY Canada's 2025 cybersecurity report on loyalty fraud relies heavily on fabricated citations and contradictory metrics. This systemic generation of fake references highlights how unverified LLM outputs are laundering synthetic data into public information systems and downstream AI pipelines.
Automated Pipeline Detects Advisory Slop
In late 2025, Ernst & Young (EY) Canada published a 44-page cybersecurity report titled Points of Attack: Uncovering Cyber Threats and Fraud in Loyalty Systems. Though credited to three human employees, an automated audit by GPTZero using its Hallucination Check tool revealed that the document operates as an assembly of AI-generated text, fake statistics, and fabricated citations. This systematic creation of artificial references—referred to as vibe citing—represents a growing point of failure in research and advisory pipelines.
Anatomy of the Fabricated Reference Table
Rather than utilizing standard academic footnotes, the EY Canada report consolidates its references in a resources table spanning pages 41 to 43. A manual verification of GPTZero's automated scan confirmed that more than half of the cited titles do not correspond to real sources, and almost all provided URLs are broken or fake.
The fabrications span multiple industry-standard publishers:
- Gartner Market Trends – Loyalty Fraud: The cited URL resolves to Gartner's homepage; no document matching this title exists in their database.
- McKinsey & Company – Loyalty Economics Report (2022): The cited report is entirely non-existent.
- Cisco Talos (API Attacks on Retail), Wired (API Security Gaps; AI Voice Deepfakes), and BleepingComputer (Airline Loyalty Breach): All provided URLs return 404 errors, pointing to paths that never existed.
- Forbes ($200 Billion Loyalty Economy): The URL is broken, and while the author has written for Forbes, no article matches this title.
- TechCrunch (Loyalty Program Breaches): The URL maps to a generic tag page rather than a specific investigative article.
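The failure modes in this list (a 404, a link that lands on the publisher's homepage, a link to a generic tag page) can be triaged mechanically once each cited URL has been fetched. The sketch below is an added example, not GPTZero's tool or anything from the report; the `Fetch` record, the label names, the listing-path prefixes and the 0.5 title-overlap threshold are all assumptions, and the sample rows are constructed.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Path prefixes treated as listing pages rather than articles (assumption).
LISTING_PREFIXES = ("tag/", "tags/", "topic/", "category/")

@dataclass
class Fetch:
    """Recorded outcome of requesting one cited URL."""
    status: int       # final HTTP status
    final_url: str    # URL after redirects
    page_title: str   # <title> of the page served

def _tokens(text):
    return set(re.findall(r"[a-z0-9]+", text.lower()))

def classify(cited_title, fetch, min_overlap=0.5):
    """Return one failure label for a citation, or 'ok'."""
    if fetch.status == 404:
        return "not_found"
    if fetch.status >= 400:
        return "http_error"
    path = urlparse(fetch.final_url).path.strip("/")
    if not path:
        return "homepage"            # cited deep link landed on the site root
    if (path + "/").startswith(LISTING_PREFIXES):
        return "listing_page"        # tag/category index, not an article
    wanted = _tokens(cited_title)
    overlap = len(wanted & _tokens(fetch.page_title)) / len(wanted) if wanted else 0.0
    return "ok" if overlap >= min_overlap else "title_mismatch"

# Constructed sample rows; hosts use the reserved .example TLD.
SAMPLE = [
    ("Market Trends - Loyalty Fraud", Fetch(200, "https://analyst.example/", "Analyst Home")),
    ("API Attacks on Retail", Fetch(404, "https://intel.example/blog/api-attacks", "Not Found")),
    ("Loyalty Program Breaches", Fetch(200, "https://news.example/tag/loyalty/", "loyalty | News")),
    ("Example Report on Points Fraud", Fetch(200, "https://mag.example/a/1", "Ten Travel Hacks")),
    ("Example Survey of Loyalty Members", Fetch(200, "https://poll.example/s/2", "Example Survey of Loyalty Members")),
]

def audit(rows):
    """Label every (cited_title, Fetch) row."""
    return [(title, classify(title, fetch)) for title, fetch in rows]

if __name__ == "__main__":
    for title, label in audit(SAMPLE):
        print(f"{label:15} {title}")
```

A page that returns 200 and matches the cited title still only proves the source exists; whether it supports the statistic attributed to it needs a human read.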
Logical Inconsistencies and Source Laundering
The reliance on generative models introduces severe logical contradictions within the report's core dataset. On page 4, the executive summary claims the global loyalty points market is valued at $200 billion, with 30% to 50% going unused, referencing the hallucinated Forbes citation. However, on page 10, the report claims that the $200 billion figure represents only the unredeemed loyalty points, citing the non-existent McKinsey report. For both metrics to be true, the total global market value would have to be at least $400 billion.
Investigation into the McKinsey citation revealed a mechanism of source laundering. The fake reference was traced back to a six-month-old post on an obscure UK fintech blog, Financial IT, which had fabricated the "McKinsey & Company: Loyalty Economics Report (2022)" citation. The EY report's generation process ingested this low-quality blog post and replicated the fake citation verbatim, effectively laundering a hallucinated source into a Big Four publication.
Additional data discrepancies exist. A 72% customer loyalty fraud statistic is attributed to a 2019 Paystone post on page 6, but on page 11, the exact same 72% figure is attributed to a 2020 Forter summary of an NRF event. Neither source is included in the final reference table, and the actual metric originates from a 2017 Ipsos survey. Similarly, an 89% increase in fraud attacks is attributed both to a period "since 2019" on page 6 and strictly to "2018 to 2019" on page 11, using an outdated Forter Fraud Attack Index.
Downstream Data Poisoning
Hallucinated statistics in corporate reports become infection vectors for the broader information supply chain. EY Canada’s report has already been referenced in a Canberra Times article syndicated to more than 60 Australian newspapers. By publishing these fabricated assets to the open web, organizations execute an unintentional data injection attack, poisoning the training data and search indexes relied upon by subsequent human researchers and AI agents.