Review Mills and Duplicate Peer Review Fraud: What Medical Authors Need to Know in 2026

Most medical researchers understand, at least in the abstract, that paper mills exist. These are commercial operations that manufacture manuscripts to order, sell authorship slots, and submit the resulting papers to journals under the names of researchers who may barely have glanced at the work. The problem is well-documented, with estimates suggesting that somewhere between 2% and 10% of biomedical literature in certain subfields may originate from paper mills. What is less widely understood is that there is a separate, parallel industry supplying the fake peer reviews those papers need to get accepted.

Review mills operate differently from paper mills but serve the same commercial purpose. Instead of producing manuscripts, they produce reviewer reports. A paying client submits a paper, and the mill arranges for the journal to receive favorable, superficially plausible reviews from accounts that appear to belong to legitimate researchers. In some cases the same review text is recycled across multiple submissions, sometimes under different reviewer names, sometimes for entirely unrelated manuscripts. The fraud is not always obvious from inside a single submission. It becomes visible only when someone looks across thousands of reviews at once.

That is exactly what IOP Publishing did. In May 2026, the not-for-profit publisher announced the results of its Duplicate Review Checker, a machine-learning tool that had processed around half a million reviewer reports dating back to 2020. The tool found nearly 2,500 cases where more than 60% of the content of one review closely matched another, including instances where the same report was submitted under different reviewer names for different manuscripts. This is the most concrete window yet into the scale of review fraud at a single publisher, and it has prompted other publishers to accelerate their own detection programs.

Review Mills Are Not the Same as Paper Mills

The distinction matters because the two problems require different detection strategies and have different effects on the literature. Paper mills produce the manuscripts themselves. The fraud is embedded in the content: fabricated data, non-existent experiments, manipulated images, invented citations. Retraction Watch's database contains tens of thousands of retractions linked to paper mill output, and AI tools trained on figure analysis, reference networks, and writing style have gotten reasonably good at flagging suspected mill manuscripts before or after publication.

Review mills, by contrast, leave no trace in the paper itself. A manuscript from a legitimate author can receive a fraudulent review. A paper from a paper mill can receive both a fraudulent and a genuine review; the genuine one might be critical, and the fraudulent one pushes the paper over the acceptance threshold. The fraud is in the review process, not the paper, which means the only way to detect it systematically is to look at the reviews themselves, across time and across journals, and to notice when the same text keeps appearing.

That is also why the problem was largely invisible for so long. Journal editors see one submission at a time. Even if they handle hundreds of manuscripts per year, they have no reason to compare the review they received for a neuroscience paper in January to the review they received for a different paper in cardiology in March. Review mills exploit that siloed perspective. A cross-journal, multi-year text comparison is exactly what individual editors cannot run.

What IOP Publishing's Duplicate Review Checker Found

IOP Publishing (IOPP) is the publishing arm of the Institute of Physics, covering physics, applied science, and engineering. It is not a medical publisher by primary focus, but the patterns it identified in its peer review corpus almost certainly exist in biomedical publishing as well, and the announcement has been widely read as a proof of concept for what systematic review auditing can uncover.

The Duplicate Review Checker, which had been in pilot since 2024, uses machine learning to compare incoming reviewer reports against a database of reports already received. The 60% content match threshold is the trigger for flagging a case to the editorial team. In isolation, that threshold might seem lenient, but peer review reports for technical papers in a given field naturally share vocabulary, sentence structures, and common critiques. A 60% similarity across reports for different manuscripts in different journals is a strong signal, not a coincidence.

The findings from processing that half-million report corpus are striking. Nearly 2,500 flagged cases amounts to roughly 0.5% of all reports processed, a rate that would represent a meaningful contamination of the peer review record if distributed proportionally. Some of the matched reports were reused with minor modifications. Others were submitted verbatim under different reviewer account names for manuscripts on different topics. In cases where the duplication is confirmed as fraudulent, IOPP discards the report and appoints new reviewers to assess the manuscript independently.

PLOS, the open-access publisher, has taken a related approach from a different angle. Using analysis of AI-generated content in peer reviews, PLOS identified 55 articles that were flagged with Editorial Notes or Expressions of Concern by May 2026. The nature of the fraud is slightly different: whereas IOPP's tool focuses on copied review text, the PLOS investigation centers on reviews that appear to have been generated by large language models rather than written by a human expert. Both forms of fraud undermine the same gatekeeping function.

What Publishers Are Doing Beyond Text Comparison

Duplicate text detection is the most concrete tool currently in use, but publishers are building broader integrity check suites. Springer Nature, which publishes a large share of biomedical research including the Nature portfolio, BMC journals, and dozens of specialty medical titles, announced in 2026 an expansion of its AI-assisted integrity tooling to cover irrelevant and fabricated references in submitted manuscripts. The tool is used by Springer Nature's Research Integrity Group and covers submissions across nearly all of its journals. The check looks for references that do not support the claims they are cited for, a pattern common in paper mill output and in AI-assisted manuscripts where hallucinated citations were introduced without verification.

Springer Nature's Snapp submission platform runs 14 suitability assessment steps before a manuscript reaches a reviewer. These include data availability statement checks, human and animal ethics verification, clinical trial registration confirmation, and flags for text patterns associated with misuse of AI. The goal is to catch problems at submission that would otherwise surface at peer review or after publication. Human experts review results before final decisions are made.

Frontiers runs a tool called the Artificial Intelligence Review Assistant (AIRA) across its medical and science journals. AIRA includes language quality assessment, figure integrity checks, plagiarism detection, and conflict-of-interest identification. Research integrity platforms operating across multiple publishers, such as the STM Integrity Hub and tools from companies including Clear Skies, use network analysis of reviewer accounts, author credentials, and co-authorship patterns to flag papers that show signatures of organized mill activity before they are accepted.

The collective picture is of an industry that spent decades treating peer review as an informal honor system and is now retrofitting a detection infrastructure on top of it, under pressure from a problem that grew quietly while the tools to see it did not exist.

Why Review Fraud Is Especially Dangerous in Biomedical Publishing

In physics or chemistry, a fraudulent paper that passes through fake peer review may waste the time of researchers who try to reproduce the result. In medicine, the stakes are higher. Clinical practice guidelines are updated based on published evidence. Systematic reviews that include fraudulent primary studies propagate the fraud into meta-analyses that influence treatment decisions. Drug approvals can rest on trial data; if the supporting literature includes fabricated safety or efficacy data, the downstream harm can reach patients.

A 2025 analysis estimated that roughly 10% of recently published cancer research literature may originate from paper mills, with some subfields, including liver, gastric, and bone cancer research, exceeding 20%. That figure is contested and methodologically debated, but even a fraction of that contamination is enough to compromise the systematic reviews that clinicians rely on when those papers are included without appropriate scrutiny. The retraction rate has climbed from approximately 0.02% of publications in 2016 to around 0.2% in 2025, a tenfold rise, and the CIDRAP (Center for Infectious Disease Research and Policy) reported a rise in fake references in biomedical papers of around 12-fold between 2023 and 2025. The numbers are moving fast.

How Review Fraud Affects Legitimate Authors Directly

It is easy to assume that review mill fraud is someone else's problem, something that affects bad actors and weak journals. That framing is partly wrong. Legitimate authors submit to journals that may already have been infiltrated. A journal that accepted ten fraudulent papers in the past year has diluted its editorial standards in ways that affect the papers published around those ten. The journal's reputation, indexing status, and quartile ranking are all downstream of the overall quality of what it publishes. If that quality is being manipulated, honest authors who publish there are publishing in a compromised venue.

There is also a direct risk to your own submission. Your paper may be assigned, without anyone knowing, to a reviewer who is part of a review mill operation. The review you receive would be superficially plausible but not genuinely expert. If your paper has weaknesses that a knowledgeable reviewer would catch, those weaknesses may pass undetected. A favorable review from a fake reviewer is not actually favorable feedback. It is a gap in the quality control process.

Perhaps more practically, the new detection tools publishers are deploying are calibrated on suspicious patterns, and those patterns can occasionally surface false positives. An author who routinely suggests the same small pool of preferred reviewers, or whose co-authors have been involved with a flagged institution, may find their submission receiving extra editorial scrutiny. This is not unfair, but it is a change from what authors experienced five years ago. Understanding why that scrutiny exists helps authors respond to it without confusion or frustration.

Vetting Journals Before You Submit

The most concrete action a medical author can take in response to the review mill problem is to vet target journals more carefully before committing a submission. A journal that publishes unusually high volumes, accepts papers very quickly, or has experienced editorial board instability may be a journal where integrity controls are weaker. Those factors are also, not coincidentally, signals that publication ethics researchers use to identify mill-friendly venues.

Check whether your target journal has published expressions of concern or retracted papers recently. Retraction Watch maintains a publicly searchable database; a cluster of retractions at a journal in the past one or two years is worth investigating. It does not automatically mean the journal is compromised, but understanding why those retractions happened is informative. Journals that are proactively detecting and retracting problematic papers are behaving responsibly. Journals where retractions appear to be driven entirely by external whistleblowers rather than internal checks are showing weaker self-governance.

Look also at the journal's peer review transparency practices. Journals that publish review timelines, describe their reviewer vetting process, or offer open peer review, where reviewers are named and reports are published alongside the article, are structurally harder to infiltrate with fake reviews. The anonymity that traditional single-blind and double-blind review provides is also what makes reviewer identity spoofing possible.

What to Do When a Review Seems Wrong

You will almost never know with certainty whether a review your paper received was fraudulent. Publishers do not inform authors when a reviewer has been flagged and replaced; they simply appoint a new reviewer and restart that part of the process. But there are situations where the review you receive is strange enough to warrant a direct inquiry to the editorial office.

Generic reviews that do not engage with your specific methods, data, or conclusions are a warning sign. A review that could have been written for any manuscript in your general area, without mentioning your patient population, your outcome measures, your statistical approach, or your specific clinical question, is not providing the expert assessment that peer review is supposed to deliver. This can be laziness or overload on the part of a legitimate reviewer. It is also the signature of a recycled report.

A review that insists on additions to the reference list, particularly a list of specific papers by specific authors that seem loosely related to your topic, without providing substantive methodological feedback, is a second warning sign. Coercive citation via fake review has been documented enough times that editors take this concern seriously when it is flagged. Write to the editor with specific examples of the suspicious language before you revise. You do not need to accuse anyone of fraud; you can simply note that the citation requests do not appear connected to genuine methodological concerns and ask whether the editor can confirm that reviewer comments represent an independent assessment.

How Detection Tools Change the Submission Experience

The deployment of automated integrity checks across more publishers changes what it is like to submit a medical manuscript in ways that authors should anticipate. Submissions now commonly pass through pre-screening tools that check reference validity, image integrity, AI-content signals, and submission system metadata before a human editor sees the file. Some of these checks trigger queries back to authors, asking for clarifications about data availability, ethics approval dates, or reference sourcing.

These queries are not accusations. They are part of a routine that was not routine until recently. Answering them precisely and promptly is the appropriate response. If an integrity check flags a citation as potentially irrelevant or uncorroborated, provide a brief explanation of why that citation supports your specific claim, or replace it with a better-matched source. The check is doing what a careful methods editor would have done manually, just faster.

Reviewer suggestions also carry more weight, in both directions, than they did five years ago. Many journals now cross-reference suggested reviewers against conflict-of-interest databases and recently flagged accounts. Suggesting reviewers you know personally is appropriate within the bounds of the journal's policy, but submitting the same three colleagues as preferred reviewers on every paper you send to a given journal, particularly if they consistently produce short or favorable reviews, risks generating a false-positive signal that attracts editorial scrutiny. Broadening your suggested reviewer list to include genuinely expert researchers outside your immediate network is good practice regardless of integrity concerns, and it reduces that risk.

Where This Is Heading

The IOP Publishing DRC announcement in May 2026 is almost certainly not a unique data point. Other publishers are running similar pilots, and the results they share publicly will depend partly on competitive considerations and partly on how much scrutiny their own journals can bear. The more interesting question is what comes next: whether cross-publisher data sharing on flagged reviewer accounts becomes standard, whether reviewer identity verification moves from optional to required at major journals, and whether the results of integrity screening tools eventually get published in standardized formats so that the research community can audit them.

COPE, the Committee on Publication Ethics, already has guidelines for editors on how to respond to suspected duplicate peer review. Those guidelines are advisory, not mandatory, and their effectiveness depends on editors knowing to use them. As automated tools identify cases more systematically, the editorial response protocols will need to standardize to match. Right now, the handling of flagged reviews varies significantly from publisher to publisher.

For authors, the practical implication is straightforward. The journals worth publishing in are increasingly the ones running serious integrity checks, not the ones with the fastest acceptance times. Speed at a journal that cannot detect review fraud is not a feature. It is a signal that the gatekeeping function is weak. If a journal accepts your paper in a week with minimal reviewer comment, it may not have applied meaningful review at all, which means the acceptance is worth less than you think.

Choosing journals that are transparent about their peer review process, that publish realistic turnaround times, and that use known integrity platforms is not just about protecting yourself from association with a compromised venue. It is about placing your work in an ecosystem where the review you receive is genuine, and where the evidence around your paper has been subjected to the same scrutiny yours was. That context is what makes peer-reviewed publication meaningful in the first place.

Further Reading