Identity theft can take anywhere from a few hours to a few years to repair. But it can feel like a lifetime.

Repairing the damage done by identity theft can be time consuming, expensive and emotionally draining ordeal for a victim who's already reeling from the feeling of personal violation.

The surest sign that  crook has stolen your personal information is when bills start coming for things you haven't bough or when lenders deny you credit for reasons you don't understand. The worst case scenario is when a victim ends up flat broke or in jail for crimes he didn't commit.

Millions of people have become victims of identity theft in the past few years, and the recovery process, on average, takes about 500 hours and costs about $3,000.

The key to recovery is to stop and deal with the damage right away. There are a few basic steps you should take to get your life back on track.

• Notify creditors that the account is fraudulent and that you are a victim of identity theft.

• File a police report.

• Place a 90-day fraud alert on credit bureau files.

• Obtain all three credit reports and review them for fraudulent accounts, inquiries and personal information.

• Complete an ID theft affidavit.

• Submit the police report and affidavit to creditors.

• Request that they investigate, clear the account, send a letter of resolution for the victim's record and notify the credit bureaus to expunge the account and any inquiries from linked files.

• Follow up with creditors and credit bureaus until complete.

• Place an extended seven-year alert or freeze on all three credit bureau files to protect against future ID theft attempts.

To protect yourself from becoming a victim of identity theft, make sure to protect your personal information. Don't carry you Social Security card in your wallet. Don't give out your personal information, including your SSN, and banking and credit card numbers.

Make sure to shred any documents that contain your personal information before you dispose of them.

You should also protect your personal information on your computer. Use strong passwords, and install a firewall, as well as virus and spyware protection software.

The unthinkable has happened – your identity has been stolen. Now what?

First of all, don't panic. Panic is your worst enemy in any situation,  because it clouds your ability to think clearly and act wisely. Instead, you should remain calm and prepare to fight. It might take a while before things are back to normal, but the following steps can help.

The first thing you should do is to report the theft to your local police department. Then you should contact your bank, as well as you credit card issuer. You should also place a fraud alert on your credit report. Call one of the three major credit reporting agencies. When you place an alert with one, the bureau will alert the others.

Contact your insurance agent. Most homeowner's policies have some sort of identity theft coverage. This would be the time to find out what it covers. Don't be surprised if it's not much. 

You'll also want to contact the Federal Trade Commission at 1-877-IDTHEFT. The agency collects information about identity theft for studies and analysis. The FTC will suggest that you file a fraud affidavit. Be sure to keep copies of this form and the police report you filed.

Go ahead and get a new driver's license, making sure to get a new number, and not a duplicate of the old one. This is important because if the thief tries to use your license, the old number will be invalid because you've been issued a new one.

Change your locks. The thief has your address, and you'll want to be sure your home is secure, particularly if your wallet or purse was stolen with keys inside.

Call the Social Security Administration. They won't do anything, but it's a good idea to have them note that your information was lost.

Contact your attorney. Identity theft almost always causes legal problems, and you should talk to your lawyer about what's happened, and see if he has any advice. 

You may want to consider a credit monitoring service. Remember that most identity theft happens after the information was lost or stolen. Fraud alerts only last three months. Credit monitoring is a great way to keep tabs on things.

According to their own statistics, the U.S. Postal Service handles more than 207 billion pieces of mail a month. That's 207 billion opportunities for identity thieves to strike.

Your mailbox is the riskiest non-technological point for identity theft. The top two methods of non-technological identity theft are re-routing mail and mail theft. So it's a safe assumption that your mailbox is the biggest threat to your identity.

Re-routing mail tops the list of non-technology threats for identity theft. The re-routing is done fairly easily. The thief gets his hands on your address information, then walks into the local post office and fills out a change of address card. Your mail will then go to the thief's address. This includes any bank or credit card statements you might receive, as well as pre-approved credit card offers. 

Obtaining a person's address is simple: the thief just drives by your residence or looks in the phone book. He can also go through your trash, which is why it's important to shred any documents that contain your personal information.

Stealing mail is also easy if you have an unsecured mailbox. But if you're paying attention to your mail delivery, then you can quickly tell if someone has tampered with or stolen your mail. If a criminal has changed your address, you will be able to tell within a few days, since you won't receive any mail. 

Mail theft is a little harder to catch. Thieves usually take a little of the incoming and outgoing mail, until they have the information they need. This makes it crucial that you know your delivery schedule. You may even want to consider not using the mailbox at the street, and purchase a locked box instead.

In addition, you can put the following safe practices in place:

• Don't leave mail in your box, whether incoming or outgoing. 

• Rent a post office box. 

• Use electronic payments and banking when possible. 

Protecting your mail – as well as your identity – really is just a matter of changing the way you think. It's time to think about the mail habits that you have that could put you at risk, and change them. 

Identity theft is one of the fast-growing types of crime, and is so widespread, that more than 11 million people were victims in the past year, with a total loss of about $54 billion.

Identity theft is defined as the stealing of personal information such as your name, credit card number, Social Security number, driver's license number or other personal identifying information in order to commit fraud. 

Thieves use this stolen information to apply for telephone service, credit cards, lines of credit, payday loans, purchase cars, lease apartments, obtain medical care or apply for a job. They can even commit crimes, using your name, which means you would have the criminal record – and not the identity thief.

Identity theft is so common because it's so easy. Many people think it won't happen to them, and therefore take little or no precautions. How can you prevent being a victim of identity theft?

First, be sure to review your credit card statements monthly. Call your credit card issuer immediately if you see any fraudulent or questionable items. If you don't receive your statement at the usual time, call your credit card issuer immediately. Someone may have changed the billing address to prevent you from seeing unauthorized charges.

Don't throw away credit card slips, statements or other documents containing personal information. Shred them. You should also shred pre-approved credit card offers.

Go through your credit report with a fine-toothed comb at least once a year. Contact any creditors that appear as fraudulent or questionable items.

Be sure to guard your Social Security number and never carry your card in your wallet. Keep it someplace secure.

Never give out personal information over the telephone unless you initiated the call or are sure the person on the other end is trustworthy.

When shopping online, be sure to use secured sites, which have "https" in the URL. Don't click the box asking if you want to save your credit card number for easy ordering on your next visit. It's safer not to have this information stored.

If you fall victim to identity theft, report it immediately to the bank or credit card company. File a report with the local police or sheriff's department. You should also call the Federal Trade Commission at 877-438-4338, and call the three credit reporting bureaus as well. 

Reports of identity theft are registered every day, and more people are falling victim to it than ever before. Increased Internet use, whether on a personal computer or handheld device, may be to blame. Sixteen percent of American households with the Internet reported some kind of identity theft last year, according to a survey by Consumer Reports.

So how do you keep your personal information safe online?

If you access the Internet at home via a wireless network, having a firewall is a must. This helps to form a barrier between your trusted network and any untrusted networks trying to access your computer. Make sure you regularly update anti-spyware, anti-phishing and anti-virus software. Having anti-virus software protection is an important thing that a lot of folks just simply forget about. Most of these programs are subscriptions, so you can't assume that you just have them on your computer or that the subscription lasts more than a year.

Make sure to secure your mobile devices, like smart phones or iPads, with passwords and encryption, just in case they are lost or stolen. For many people, these devices contain just as much personal information as a home computer. You should also set up your accounts with a pin code as well, so that in order to make any changes regarding your personal accounts, you would need to have a four-digit code to access them.

Do your research before you download free apps to your device. You never know who might have access to your personal date via your apps.

Beware of social networking sites. This is where most personal information is lifted. So consider how much you post on your page. If your date of birth, phone number, address or maiden name appear on your Facebook or MySpace page, these could be used to obtain the rest of your personal information. Be sure to set restrictions on your profile so only certain groups of people can view your personal information.

Never give anyone your personal information, such as your Social Security number, in an e-mail. "Phishing" e-mails may look like they're from your bank or credit union, but if you are affiliated with a bank, that institution already has your personal information. They won't need you to e-mail it to them. If you receive an e-mail requesting that you do so, call your bank to confirm the e-mail was sent before responding.

If a suspicious e-mail contains a link, don't click on it, no matter how tempted you are. The safest thing you can do to find out what the site is would be to get out of the e-mail, and type the URL for the link into your Web browser separately.

When it comes to protecting your personal information, the best advice is to follow your own common sense. When in doubt, don't.

A federal appeals court ordered Virginia's attorney general to cease threats of suing a privacy advocate who publishes Social Security numbers of elected officials on the Web site, The Virginia Watchdog.

Betty Ostergren, owner of the site, now avoids being sued by the state's top law enforcement official for breaching a state law that prohibits the publication of such information. The court did not, however, strike down the law, which was adopted in 2008 and carries a $3,500 per violation.

A three-judge panel said the regulation breached Ostergren's First Amendment rights as they applied to her protected political speech. The court found the purpose of her speech outweighed the privacy interests of around three dozen public officials whose data were published on her site. She published land records that contained the Social Security numbers to protest the data being included in local government documents publicly available online.

"Seeing a document containing a Social Security number posted on my Web site makes a viewer understand instantly, at a gut level, why it is so important to prevent the government from making this information available," Ostergren said.

The determining factor in the judgment by the panel was not that the numbers were posted, but how they were posted. They were not posted in a list form, but were part of documents maintained by government officials.

Ostergren's lobbying of the Virginia government resulted in the state moving to redact 2 million records.

In May, a federal judge in Florida struck down a law prohibiting the publication of a police officer's name, phone number or address, calling the statute an unconstitutional restraint on speech.

The ruling stemmed from a case involving the arrest of a Florida man who was jailed in 2008 for posting the personal information of a police officer at ratemycop.com. The man posted the information, which the site did not normally require, after he claimed that the officer was rude to him when investigating a call at the apartment complex he managed.

The case was later dismissed for procedural reasons, but the man sued, and a judge awarded him $25,000 in damages.

The Better Business Bureau has issued a warning about a new phishing scam that is being passed around in Facebook. The subject if the scam is McDonald's, but the real target is your personal information.

The scam claims that McDonald's is closing and there's a link attached that offers the "real" reason why. The message reads: "OMG! McDonald's might soon shut down because of this! Warning: Your jaw will drop to the floor!"

The reader is then instructed to follow the steps to find out why, and is ultimately led to a link that reads, "Like This Page!" and then click on the "Like" button to continue.

Once the link is clicked, the reader is asked to take a survey that asks for personal information. There is also the risk of infecting your computer with spyware, malware or viruses designed to steal personal information or passwords stored on your computer.

Phishing scams work because they have a sensational hook disguised as a link that promises insider information. The reason scammers use Facebook is simple: the site has 500 million users. It's one of the biggest ponds on the Internet in which to phish.

The BBB offers some advice to protect your identity online.

• Parents should teach their children about online scams and identity theft, since millions of Facebook users are young people.
• Do not click on suspicious links disguised as sensational information, even if the link comes from a Facebook friend.
• Do not give out personal information online unless you are 100 percent sure the recipient is a secure, encrypted site and you know for what purpose the information will be used. Web addresses for secure sites begin with "https" and have a padlock symbol in the lower right corner of the screen.

The U.S. Department of Justice Bureau of Justice Statistics has released its National Crime Victimization Survey, and it shows that identity theft increased 23 percent from 2005 to 2007.

During that same two-year period, the number of households that experienced credit card theft increased by 31 percent, and the number that experienced multiple types during the same episode increased by 37 percent. During the six-month period for which data was collected, 3.3 percent of households discovered that at least one member had been a victim of at least one type of identity theft. From 2005 to 2007, the number of households that experienced the unauthorized use of a credit card, another existing account and multiple types of identity theft in a single episode all increased significantly.

In 2007, half of all victimized households, accounting for nearly 4 million households, experienced the unauthorized use or attempted use of a credit card account. The second-most common type of identity theft in 2007, experienced by 1.9 million households, involved the unauthorized or attempted use of existing accounts such as bank, checking or debit, or cell phone.

Households headed by individuals ages 65 and up were less likely than any other age groups to be victims of identity theft. A lower percentage of HIspanic households experienced identity theft than non-Hispanic households. Households with incomes of $75,000 or more experienced a higher rate of identity theft than households in lower income brackets. Households with one person were less likely to experience ID theft than households with two or more persons.

In 2007, 32 percent of households victimized by ID theft reported a financial loss of $500 or more. Households experiencing the theft of personal information were more than twice as likely as households with thefts of credit cards or other accounts to report that no money was lost due to the identity theft.

Among households experiencing the misuse of personal information, those with financial loss reported an average loss of $5,650. Across all victimized households reporting a financial loss, the average amount lost per household was $1,830.

There was no statistically significant difference in the percent of households that experienced identity theft during the last six months of 2008 compared to the last six months of 2007.

A group of environmentalists in California have been linked to identity theft, which has compromised the identities and credit of 25,000 U.S. consumers.

The computer server for Savannah, Ga.-based company SiRuDo Realty, owned by Teolita Sicay, was hacked by a thief in California. The case was reported to local authorities, and has  been turned over to the Georgia Bureau of Investigation and the FBI. No details on the identity of the person in question have been released, but authorities say the person is linked to the Facebook page "BoycottBP." The creator and owner of the page, Lee Perkins, is not a suspect at this time.

Facebook page owners frequently invite other FB members to join or "like" their cause but they have no access to background checks prior to approval of those persons. The page owners cannot, then, be held liable for the actions of any of their members, who are not under their control.

Identity thieves target Facebook and other social networking sites to harvest information about you and the groups or businesses found there. But there are ways you can help protect yourself, your business or your organization against this type of theft.

First of all, adjust your privacy settings to protect your identity. Unlike some social networking sites, Facebook has provided some powerful options to protect you online. But it's up to you to use them.

Be sure to read the Facebook guide to privacy. At the very bottom of every page on Facebook, there's a link marked, "Privacy." The linked page is "a guide to privacy on Facebook," which contains the latest privacy functions and policies. An example of this verbiage is the latest change made in May of this year, in which Facebook discloses information that it sets as visible to everyone and that you cannot make private. This includes sensitive information like your name, profile picture, gender and networks.

Think carefully about who you allow to become your friend. Once you have accepted someone as your friend, he or she can access any information about you that you have marked as viewable by your friends. You can remove friends at any time should you change your mind about someone.

You do have the option to show "limited" friends a cut-down version of your profile. You can choose to make people limited friends if you choose. This can be useful if you have associates who you do not wish to give full friend status to, or feel uncomfortable sharing personal information with.

Think about how you wish to use Facebook. If it's only to keep in touch with people and be able to contact them, then maybe it's better to turn off the bells and whistles. It makes a lot of sense to disable an option until you have decided you do want and need it, rather than start with everything accessible.

When it comes to social networking, it's not just about status updates. Set your preferences and settings with one thing in mind – keeping yourself, and your good name, safe.

A Michigan woman has been charged for the second time with trying to steal the identity of the 99-year-old woman she has been caring for.

Thirty-year-old Julia Robinson of Sterling Heights, Mich., attempted to steal from the Roseville, Mich., woman in order to obtain credit cards. Robinson was arraigned on one county of false statement of identity to obtain a financial transaction device, and one count of possession of personal information with intent to commit identity theft.

This is the second time in five months Robinson has attempted the scam. She previously pleaded guilty to obtaining and using credit cards in February. She received a reduced charge and probation. She is being held on a $50,000 bond in the Macomb County, Mich. jail.

When most people think of elder abuse, they think of neglect, physical or psychological mistreatment. But identity theft perpetrated against the elderly by their caregivers is a form of abuse. The crime may also be committed by family members and even strangers, in order to use the personal information to obtain credit cards, jobs, mortgages, payday loans and more.

But why are the elderly targeted? In many cases, they have more money, cash reserves, home equity and other resources, and often have nearly spotless credit. Many of them may not be technologically savvy, and may not be aware of the scams being used to commit identity theft.

Many seniors don't actively monitor their credit reports, and are also very trusting of others. They may buy into a story told by a scammer, and wind up being taken advantage of.

What can you do to protect yourself or a loved one? First of all, become educated about the types of identity theft and other financial scams that target senior citizens. Don't carry your Social Security or Medicare card with you. Carry a copy of your Medicare card with you, with the Social Security number blacked out. This will keep your information safe, but provide it if you need medical attention.

Do not give out your personal information on the telephone. Check to be sure the caller is legitimate by calling the company back. Make sure you research charities before you donate to them. Keep your personal information locked up, and shred documents you don't need.

Don't sign the back of your credit or debit cards: instead write, "Photo ID Needed," so that a photo ID will be required to use them.  Make copies of your credit and debit cards for reference in case of theft. Don't carry cards with you that you don't need.

Protect your mail by obtaining a locking mailbox and make sure to have your mail held if you leave town for a few days. Don't put your trash out until the day of pickup. And last, be careful who you give power of attorney to.

By taking these steps, you or your loved one can breathe easier, knowing your information – and your good name – is safe.

The Federal Trade Commission has succeeded in getting a federal court to put a stop to an online scam that used identity theft to place more than $10 million fraudulent charges on consumer credit and debit cards.

More than a million consumers were hit with one-time charges of $10 or less, and their payments were routed through dummy corporations in the U.S. to bank accounts in Eastern Europe and Central Asia.

The defendants had used fake company names, similar to legitimate businesses, along with information taken from identity theft victims all over the country. They used the information to open more than 100 merchant accounts with companies that process charges to consumer credit and debit card accounts, according to the FTC complaint. The FTC complaint states that they believe the defendants ran credit checks on the victims to be sure they were credit-worthy.

The thieves also cloaked each fake merchant with an office address near a real merchant's location, along with a phone number, home phone number for the "owner," a Web site pretending to sell product, a toll-free number for consumer use, and a real company tax number found on the Internet.

The FTC said that with spam e-mail, the defendants recruited at least 14 "money mules" in the U.S.,  which are people paid to form 16 dummy corporations, open bank accounts to receive the payments, and transfer the money overseas. They used debit cards linked to these accounts to set up telephone service, virtual addresses and Web sites.

None of the affected consumers had any contact with the defendants. Most didn't even notice the charge on their bills or didn't seek restitution because it was such a small amount. Consumers who did call the numbers that appeared on their bills found the numbers to be disconnected or got an answering machine instructing them to leave a message. No calls were returned.

The fake companies included API Trade LLC, ARA Auto Parts Trading LLC, Bend Transfer Services LLC, B-Texas European LLC, CBTC LLC, CMG Global LLC, Confident Incorporation, HDPL Trade LLC, Hometown Homebuyers LLC, IAS Group LLC, IHC Trade LLC, MZ Services LLC, New World Enterprizes LLC, Parts Imports LLC, SMI Imports LLC and SVT Services LLC.

The defendants have been charged with making unauthorized charges to consumer credit cards in violation of Section 5 of the FTC Act. The courts have frozen the defendants' assets and ordered them to cease operations.

A U.S. Federal Trade Commission representative said June 21 that current privacy laws fail to protect American consumers and place too much of a burden on them.

Kathryn Ratte, senior attorney for the FTC, said existing privacy laws, which rely heavily on disclosure of data collection and use practices and on informed consumer choice, just don't work.

The agency will be releasing a report later this year that will reflect that very sentiment. The report is expected to make recommendations to Congress regarding new laws, and it may state that the FTC intends to expand its current authority around policing deceptive practices to address more Internet-related business practices.

One of the biggest issues, the FTC found, is getting companies to adopt better "data hygiene" through implementing policies such as minimization and retention limits.

One law that has worked is data breach notification, which makes sure that if there is a data breach, the organization is to notify all affected parties.

In 2009, the U.S. House of Representatives approved a data breach notification bill, but the Senate has yet to act on the bill. The measure states that anyone who "possesses data in electronic form containing personal information shall...notify each individual" affected by the breach.

Implementing sound information security policies and practices that minimize the likelihood of data exposures is more important than dealing with the aftermath of breaches. Better data security should be the first priority of any organization handling personal data.

Organizations that have experienced a breach will certainly agree with the old adage that an ounce of prevention is worth a pound of cure. The cost of responding to a breach, in terms of staff and energy, legal assistance, credit monitoring and related services for affected persons, bad press, adverse employee relations and potential legal exposure, can be profound. Rather than assuming it "won't happen to us," companies must recognize that a security breach is highly likely unless preventative measures are taken.

• Don't collect or store data elements specified in breach notification laws.
• If you must collect and store covered data elements, segregate such data from other data sets.
• Avoid using covered data fields as employee identifiers, on files and systems, parts of user IDs, on badges or in mailings.
• Don't store covered data elements any longer than needed, and destroy them in a secure manner when they are no longer needed.
• Scrutinize the entire life cycle of covered data elements to identify any security vulnerabilities requiring remediation.
• Make sure your current policies, training and confidentiality agreements address the risks and legal obligations involved in handling data elements covered by data breach laws.

A Louisiana woman used a man's stolen identity for almost two years in order to keep her housekeeping job at a Marriott hotel in Montgomery Township

Of all the odd twists in the way people use (or more properly, misuse) identity-related information, this one has to be one of the weirdest!

Julia Perez, a 37-year-old suspected illegal immigrant from Mexico, used the name, Social Security number and birth date of a Louisiana man in order to get a housekeeping job at the Courtyard Marriott Hotel in Montgomery Township.

Perez began working at the hotel in August 2008, and apparently worked in the position for nearly two years before she was arrested at the hotel on June 9th. It seems that someone would have noticed that Julia, who wore a name tag showing “Tomie,” as her name (a shortened version of the identity theft victim's first name – Thomas) was decidedly female, while her employment documents all contained the information of a male.

Perez has admitted to using the Louisiana man's name to gain employment, records said. How exactly she obtained the identity was not clear from Police and court records.

The deception began to unravel after the Internal Revenue Service informed the Louisiana man that his identity was being used by someone else – he then contacted the St. Tammany Parish Sheriff's Department, which launched an investigation and traced the identity theft to an employee that was ultimately identified as Perez.

Perez is currently being held in a Montgomery County Prison on a first-degree misdemeanor charge of identity theft. U.S. Immigration Customs & Enforcement has also placed a detainer on her, meaning federal authorities suspect she is in the United States illegally. Once she is released, whether after serving a sentence for identity theft or after an acquittal, she will be turned over to the I.N.S., who will then determine if she is here illegally. If she is, she will most likely then be deported.

Cemeteries and funeral homes have collected millions of dollars over the years from customers who have chosen to prepay for their burials. The money is to be held in trust, protected from theft and mismanagement.

In some cases, criminals have targeted the elderly, stealing millions and swindling them out of the security of knowing their final requests will be fulfilled. Often times, the victim is left to foot the bill for a new burial plot without any reimbursement from the first attempt to purchase one.

This has been happening all over the country. In Knoxville, Tenn., cemetery owners sold the same plots several times over and defrauded people who had prepaid for funeral services. In Indiana, hundreds of people contributed to a cemetery's trust fund and to their loved one's perpetual care, learning later that they were part of a $27 million securities scam. In Colorado, a funeral home owner stole more than $140,000 from mostly elderly people who had prepaid for funerals. The services were not provided, and the victims were not reimbursed. A former Ohio funeral home director was charged with 43 counts of stealing up to $200,000 from clients who paid ahead for their funerals.

Thieves have also used this type of scam to gain access to personal information such as Social Security numbers, bank and credit card numbers, names and address information.

The list goes on and on. Given that these types of scams are becoming more and more frequent, it's easy to understand that people may be hesitant to proceed with making funeral and burial plans. No one wants to lose thousands of dollars on any type of scam, but it's particularly difficult when dealing with final plans.

The Federal Bureau of Investigation has offered the following tips to help you avoid fraud and theft as you finalize your plans.

• Be an informed consumer, particularly if you are prepaying. Shop around, and call the Better Business Bureau to get a report about a funeral home or privately-owned cemetery. Make sure the business is licensed.
• Get a detailed price list. Funeral homes are required to provide these. It's a good idea to get this in writing.
• Educate yourself about caskets before you try to purchase one.
• Understand the difference between funeral home basic fees for professional services and any fees for additional services.
• Know your state's embalming laws. Embalming is not legally required for direct cremations.
• Carefully read all contracts and purchasing agreements before signing, and make certain that all of your requirements are put in writing. Make sure you fully understand all cancellation and refund terms, as well as you portability options for transferring your contract to another funeral home.
• Do not give your personal information to anyone unless you are sure they are with a legitimate company and you know that the person is trustworthy.

Last of all, make sure your loved ones are aware of your plans. Don't allow yourself to be pressured into making any decisions, signing any contracts or surrendering your personal information. These decisions are yours alone to make and you should be able to take your time in making them – and rest assured that you can trust the people you're dealing with.

Identity thieves have already begun to exploit provisions in the health care reform bill aimed at closing the Medicare “donut hole”

One provision of the health care reform bill is to start closing the Medicare “donut hole” - the coverage gap that many seniors have in their prescription drug coverage.

What exactly is the “donut hole?”

For seniors who must take expensive prescription drugs, or a combination of many drugs that add up to a large expense, Medicare rules state that they must pay the first $310 worth of drugs (the deductible), and then Medicare pays for the next $2,520 with only a small copay paid by the consumer. Once the total cost of $2,830 (the deductible plus the $2,520) is reached, they become responsible for 100% of the cost of their drugs until their total drug cost reaches $4,550. Once that total is reached, Medicare picks up the cost of the drugs they need for the rest of the year, minus the co-pay.

The $1,720 coverage gap is called the Medicare “donut hole.”

As part of the health care reform legislation passed in March of this year, $250 checks have begun going out to those who have already begun paying the total cost of their drugs due to this coverage gap. The amount of the Federal payments will increase each year – until 2020, when the gap will cease to exist.

The government keeps track through its drug usage database of how much Medicare beneficiaries have already spent on their drugs, and as such, it knows exactly the point when the senior has reached the coverage gap. Once a senior has reached the gap in coverage, a check is sent without the consumer having to do anything at all.

Unfortunately, seniors have long been the target of crooks and frauds. Here are some of the ways criminals are mis-using this program, as well as some suggestions about how to prevent the crime:

Phone calls: Someone pretending to work for the government or an aid agency calls with an offer to help the consumer “apply” for the $250 check.

Home visits: Someone comes to your door asking for information in order to "verify that you are eligible" to receive the reimbursement check. You may be asked to provide your social security number, bank account numbers or other personal data - which can result in fraudulent bank transactions or identity theft. 

Internet pop up ads: Ads inviting you to fill out an application for your rebate check may “pop up” on some websites.

No doubt there are additional ways that criminals will think of to steal the money. If you are a senior or receive Medicaid drug coverage, you will automatically receive your check at the right time, and there is no information you need to provide, and nothing you need to do to get it.
If you know someone who is likely to get a check – advise them to ignore such scams.
If you or someone you know is contacted by scammers attempting to gain your personal information, report this fraud by calling 1-800-MEDICARE or by going on line to www.stopmedicarefraud.gov.