Medical billing scams cost Americans an estimated $2.7 billion per year, according to the FTC. The FBI puts total healthcare fraud losses at over $100 billion annually. Whether it’s a completely fake bill arriving in your mailbox or a real provider inflating charges for services you never received, medical billing fraud is one of the fastest-growing categories of consumer fraud in the country. Here’s how to spot it, verify any bill, and protect yourself.
1. How common are medical billing scams?
Healthcare fraud is big business. The National Health Care Anti-Fraud Association estimates that 3–10% of all healthcare spending is lost to fraud, waste, and abuse. For individual consumers, the most common threat is fake or fraudulent bills designed to trick you into paying for care you never received.
The problem has gotten worse in recent years for several reasons:
- Data breaches expose patient information. The HHS breach portal logged over 700 major healthcare data breaches in 2025 alone, exposing tens of millions of patient records. Stolen data fuels targeted scams.
- Medical bills are confusing by design. Most Americans can’t tell the difference between a legitimate bill and a fake one because real medical bills are already difficult to read.
- Fear of collections drives fast payment. Scammers exploit the anxiety of medical debt. Threats of collections, credit damage, or legal action push people to pay before verifying.
- Telehealth expansion created new attack surfaces. The growth of virtual care since 2020 means more providers, more bills, and more confusion about who you actually saw.
2. 8 red flags of a fake medical bill
Not every confusing bill is a scam—but these eight warning signs should stop you from paying until you’ve verified the bill is real:
| # | Red Flag | Why It’s Suspicious | What to Do |
|---|---|---|---|
| 1 | Bill for a service you never received | Phantom billing is the most common healthcare fraud type. Scammers bill for visits, tests, or procedures that never happened. | Check your calendar and insurance EOB. If you didn’t have the appointment, don’t pay. |
| 2 | No itemized breakdown available | Legitimate providers must provide an itemized bill upon request. A refusal or inability to produce one is a major red flag. | Request an itemized bill in writing. If they can’t produce one, it’s likely fake. |
| 3 | Provider name doesn’t match your records | The bill names a doctor or facility you’ve never heard of or doesn’t match the provider you actually saw. | Look up the provider on your state’s medical board website. Call your actual provider to confirm. |
| 4 | Pressure to pay immediately by phone | Legitimate billing departments send written statements and allow 30+ days to pay. Aggressive phone demands are a scam tactic. | Hang up. Call the provider directly using the number from their official website or your insurance card. |
| 5 | Unusual payment methods requested | Gift cards, wire transfers, cryptocurrency, or payment apps like Zelle or Venmo are never used by legitimate medical billers. | No legitimate hospital or doctor’s office will ever ask for gift cards. This is always a scam. |
| 6 | No patient account number or reference ID | Every legitimate medical bill includes a patient account number that ties to your medical record. | If there’s no account number, call the provider to verify the bill exists in their system. |
| 7 | Threats of immediate collections or arrest | Providers must follow a billing timeline before sending to collections. No one gets arrested for unpaid medical bills. | Know your collections rights. Threats of arrest for medical debt are illegal. |
| 8 | Bill comes from an unknown address or email | The return address is a PO Box in a different state, or the email domain doesn’t match the provider. | Google the address and phone number independently. Check if the email domain matches the provider’s website. |
3. How to verify any medical bill is legitimate
Follow these steps in order to confirm whether a bill is real:
Step 1: Check your insurance Explanation of Benefits (EOB)
Log into your insurance portal or check your mail for the EOB that corresponds to the date of service. Every claim your provider submits generates an EOB. If there’s no matching EOB, the bill was either never submitted to insurance or is fake.
Step 2: Call your provider directly
Use the phone number from your insurance card, the provider’s official website, or a number you’ve called before—never the number on the suspicious bill. Ask them to confirm the account number, date of service, and amount owed.
Step 3: Request an itemized bill
Ask for a complete itemized statement with CPT codes, diagnosis codes, and individual charges. Legitimate providers can produce this within days. See our guide to getting an itemized bill for exact language to use.
Step 4: Verify the provider’s credentials
Look up the doctor’s name and NPI (National Provider Identifier) number at NPPES NPI Registry. Every licensed provider in the United States has an NPI number. If the NPI doesn’t exist or doesn’t match the bill, it’s fraudulent.
Step 5: Upload the bill for analysis
Use BillKarma’s free bill scanner to analyze the charges against Medicare rates and flag common billing errors. While our tool catches billing errors rather than outright scams, charges that are wildly out of range can indicate fraud.
Case study: The phantom surgery bill
Maria, a 54-year-old in Houston, received a $14,800 bill from “Southwest Surgical Associates” for an outpatient knee procedure she never had. The bill included a real-looking CPT code (29881 – knee arthroscopy) and a plausible facility fee. But Maria hadn’t had any knee problems. When she checked her insurance portal, there was no matching EOB. She called the number on the bill and got a voicemail that never called back. She filed a report with the FTC and placed a fraud alert on her credit. It turned out her insurance information had been stolen in a data breach six months earlier and was being used to generate fake bills targeting patients directly.
4. Common medical billing scam types
Phantom billing
The most straightforward scam: you receive a bill for services that never happened. The scammer may have your name and address from a data breach and sends a realistic-looking bill hoping you’ll pay without questioning it. Phantom billing also occurs from within the healthcare system—the DOJ regularly prosecutes providers who bill Medicare and patients for visits or procedures that never occurred.
Medical identity theft billing
Someone uses your insurance information to receive care, and you get the bill. This is especially dangerous because the fraudulent visits go on your medical record, potentially affecting your future care. Signs include EOBs for services you don’t recognize, unfamiliar providers, or being told you’ve reached your insurance maximum when you haven’t used your benefits.
Inflated bills from real providers
This straddles the line between scam and billing error. A real provider you actually visited bills for more expensive procedures than what was performed (upcoding), adds charges for services that weren’t provided, or bills for longer visit times than actually occurred. While sometimes an honest mistake, systematic upcoding is fraud.
Fake collection calls
Scammers call claiming to be a collection agency for an old medical debt. They create urgency by threatening credit damage or legal action. Under the FDCPA, you have the right to demand written validation of any debt within 30 days.
Insurance impersonation scams
Callers pose as your insurance company, claiming you owe a balance or need to “verify your account” by providing your Social Security number or payment. Legitimate insurers communicate billing issues in writing through your member portal.
5. Scam vs. billing error: how to tell the difference
Not every wrong bill is a scam. In fact, medical billing errors affect an estimated 80% of hospital bills. Here’s how to distinguish the two:
| Characteristic | Billing Error | Scam / Fraud |
|---|---|---|
| Provider | A real provider you actually visited | An unknown provider or one you never saw |
| Date of service | Matches a real appointment | Doesn’t correspond to any visit you had |
| EOB exists | Yes, but amounts may differ | No matching EOB from your insurer |
| Itemized bill | Available on request, may show errors | Unavailable or suspiciously vague |
| Payment methods | Standard (check, card, portal) | Gift cards, wire, crypto, or payment apps |
| Response to questions | Billing department answers and can adjust | Evasive, aggressive, or unreachable |
| Resolution | Corrected through billing department or insurance | Report to FTC, police, and insurance fraud unit |
6. What to do if you’ve been scammed
If you’ve already paid a fraudulent bill or confirmed that a bill is a scam, take these steps immediately:
Step 1: Stop all payments
If you set up a payment plan, cancel it. If you paid by credit card, file a chargeback with your card issuer. If you paid by check, contact your bank about stopping payment.
Step 2: File a report with the FTC
Go to ReportFraud.ftc.gov and file a detailed complaint. Include copies of the fraudulent bill, any correspondence, and records of payments you made. The FTC uses these reports to build cases against scam operations.
Step 3: File a police report
File a report with your local police department. While they may not investigate a single billing scam, the report creates a paper trail that helps if you need to dispute charges with your bank or credit bureaus.
Step 4: Report to your insurance company
Contact your insurer’s fraud hotline (usually on the back of your insurance card). If someone used your insurance information fraudulently, your insurer needs to know so they can flag the claims and issue you new member credentials.
Step 5: Place a fraud alert and consider a credit freeze
Contact one of the three credit bureaus (Equifax, Experian, or TransUnion) to place a fraud alert—they’re required to notify the other two. For stronger protection, place a credit freeze at each bureau. This prevents anyone from opening new accounts in your name.
Step 6: Check your medical records
Request your medical records from any provider named in the fraudulent bill. If someone used your identity to receive care, those false records need to be corrected to avoid dangerous medical errors in your future care.
Case study: Catching a fake collection call
James, a 38-year-old in Chicago, received a call from “National Medical Recovery” demanding $3,200 for an unpaid ER visit from 2024. The caller threatened to report the debt to credit bureaus within 48 hours and offered a “settlement” of $1,600 if he paid by Zelle immediately. James knew his rights: he asked for written debt validation, which the caller refused to provide. He hung up, checked his credit reports (no medical collections), called his insurance company (no matching claim), and reported the call to the FTC. The phone number was linked to dozens of similar complaints across five states.
7. How to protect yourself going forward
Prevention is far easier than cleanup. These habits will make you a much harder target:
- Review every EOB your insurance sends. Even if you think you know what it’s for, check the date of service, provider name, and charges. Flag anything you don’t recognize within 60 days.
- Keep a log of every medical visit. A simple note in your phone—date, provider, reason for visit—gives you a reference to check bills against.
- Never give insurance information over the phone unless you initiated the call to a number you trust.
- Shred medical paperwork before discarding. EOBs, bills, and insurance cards all contain information scammers can use.
- Monitor your credit reports. Check AnnualCreditReport.com at least annually. Medical debts over $500 can still appear on credit reports after the 2023 CFPB rule changes.
- Use your insurance portal. Most insurers let you see claims in real-time. Check it monthly to catch unauthorized use of your benefits early.
- Request an annual summary from your primary care provider listing all visits and referrals. Compare it against your insurance claims to spot discrepancies.
Frequently asked questions
How common are medical billing scams?
Medical billing fraud costs Americans an estimated $2.7 billion per year according to the FTC. The FBI estimates that healthcare fraud overall exceeds $100 billion annually. Scams spike after major data breaches and during open enrollment periods when consumers expect to receive medical paperwork.
What is the difference between a billing scam and a billing error?
A billing error comes from a real provider you actually visited and involves mistakes like duplicate charges, upcoding, or incorrect patient information. A scam involves a fake bill from someone pretending to be a provider, or a bill for services you never received. If the provider is real and you had an appointment, start by requesting an itemized bill to check for errors.
What should I do if I receive a suspicious medical bill?
Do not pay it. First, check your insurance EOB to see if the service was actually filed. Call your provider directly using the number from your own records—not the number on the suspicious bill. If the bill is fake, file a complaint with the FTC at ReportFraud.ftc.gov, file a police report, and place a fraud alert on your credit reports.
Can scammers send me to collections for a fake medical bill?
Scammers cannot send legitimate collection actions, but they may impersonate collection agencies to pressure you into paying. Under the FDCPA, you have the right to request debt validation within 30 days of first contact. A legitimate collector must provide the original creditor name, amount owed, and your right to dispute.
How do I protect myself from medical billing identity theft?
Review every EOB your insurance sends. Check your credit reports annually at AnnualCreditReport.com. Never share your insurance ID or Social Security number over the phone unless you initiated the call. Request a copy of your medical records yearly to look for treatments you didn’t receive. If you suspect identity theft, contact your insurer’s fraud department immediately.