The Centers for Medicare & Medicaid Services (CMS) has identified a fraud scheme targeting Medicare providers and suppliers. As reported in the June 26 MLN Connects® newsletter, scammers are impersonating CMS and sending phishing faxes that falsely claim to be part of a Medicare audit. These faxes request medical records and documentation—but they are not legitimate.



One Alliance member home health agency has reported receiving one of these fraudulent faxes, underscoring the importance of being alert and verifying any unusual audit-related communication.

Important reminder:

CMS does not initiate audits via fax. Agencies should alert front office staff and anyone responsible for handling audit or medical record requests about this scam.

What to do:

• Do not respond to any unsolicited or suspicious fax requesting records.
• Verify the request by contacting your Medical Review Contractor (NGS).
• Protect your agency and patients’ information by sharing this alert with your staff.

If you believe you’ve received a fraudulent request, confirm its legitimacy through your usual CMS audit contact, not the phone number or email listed in the fax.