Security > Safeguarding your data > Protecting your accounts and your identity
Helpful guidelines to protect your identity from theft:
- Remove posted mail from your home mailbox every day - or better yet, sign up for electronic statements whenever possible!
- Never leave bills in your mailbox overnight. Always put them in a secure US postal mailbox - or better yet, pay bills online whenever possible!
- Know your billing cycles. Follow up with creditors if bills or new cards don’t arrive on time. An identity thief may have filed a change of address request in your name with the creditor or the post office.
- Shred receipts and mail, especially pre-approved credit card applications.
- Eliminate the receipt of pre-approved offers of credit by calling 1-888-5-OPT-OUT.
- Never carry your Social Security card, bank passwords or other sensitive information in your wallet.
- Account for all new checks when you receive them in the mail.
- Remove your name from direct mail lists and write to the companies you do business with and ask them not to sell or rent your name. You can visit the Direct Marketing Association’s website to learn about the laws that protect you as a consumer and how to get your name removed from these lists.
- Order copies of your credit report once a year from one of the three national credit-reporting agencies and look for accuracy and indications of fraud, such as unauthorized applications, unfamiliar credit accounts, credit inquiries and defaults and delinquencies that you did not cause.
- Check your Social Security Earnings and Benefits statement once each year to make sure that no one else is using your Social Security number for employment.
Be suspicious about emails or telephone calls where:
- You are asked for your Social Security number, calling card or credit card number, so you can purchase products, qualify for prizes or process your potential employment or internship.
- The company has a name that is intended to sound like a government agency or a well-known company.
- The company is unwilling to send you written information on the offer or give you references.
- Someone claims you’ve won a prize and you haven't entered a contest.
- A telemarketer asks for your Social Security number, calling card or credit card number, so you can purchase products or qualify for prizes.
- You have to pay a fee before you receive complimentary goods or services.
- In general, your sensitive personal or financial information is required before you are able to receive the indicated benefit (internship, prize, product, etc.).
Bank, shop and spend wisely:
- Cancel your unused credit cards so that their account numbers will not appear on your credit report.
- Sign your credit cards immediately upon receipt.
- Do business with companies you know are reputable, particularly online.
- Use a secure browser when you conduct business online that encrypts or scrambles purchase information. Make sure your browser’s padlock or key icon is active.
- Avoid opening e-mail from unknown sources.
- Never click on an unknown e-mail link. Go to the company’s website yourself and fill out information there or call them.
- Ask businesses about their privacy policies and how they will use your information. Can you choose to keep it confidential? Do they restrict access to data?
Helpful guidelines if your identity has been stolen:
- Contact your bank(s) and credit card issuer(s) immediately to:
- Protect access to your accounts
- Stop payments on missing checks
- Change personal identification numbers (PINs) and online banking passwords
- Open a new account if appropriate
- File a report with your local police department and:
- Obtain a police report number with the date, time, police department, location and name of the police officer taking the report. The police report will be helpful when clarifying to creditors that you are a victim of identity theft.
- Agree to an investigation (if the police recommend it) into the loss
- Complete an Identity Theft Affidavit form and submit it to the appropriate companies. You can download a copy of this form at consumer.gov/idtheft
- Contact the three major credit bureaus and request a copy of your credit report and:
- Review your reports to make sure additional fraudulent accounts have not been opened in your name or unauthorized changes made to your existing accounts.
- Request the “inquiries” be removed from your report from the companies that opened the fraudulent accounts. Here are the major credit bureaus and their phone numbers:
- Trans Union 1-800-680-7289
- Experian 1-888-397-3742
- Equifax 1-800-525-6285
- You may also contact the FTC’s ID Theft Consumer Response Center toll-free at 1-877-IDTHEFT
- Recheck your credit report in a few months to:
- Verify your corrections and changes.
- Make sure no new fraudulent activity has occurred.
- Request a “fraud alert” for your file and a victim’s statement asking creditors to call you before opening new accounts or changing your existing ones. This can help prevent an identity thief from opening additional accounts in your name.
- If you stop receiving regular mail, verify mail has not been stolen from your mailbox and:
- Make sure no one has requested an unauthorized address change, title change, or PIN change or ordered new cards or checks to be sent to another address.
- If a thief has stolen your mail, contact your local post office and police.
- Maintain a written chronology of what happened by noting:
- What was lost
- The steps you took to report the incident to the various agencies, banks and firms impacted
- The date, time, contact telephone numbers, name of the person you talked to and any relevant report or reference number and instructions
- Send a registered letter to all creditors where fraudulent accounts have been opened and:
- Include a copy of the police report.
- Include the ID Theft Affidavit.
- Request that the institution send you a letter of release to clean up the account and acknowledge that it is fraudulent.
Important Contact Information
For credit checks and theft information, contact:
|Federal Trade Commission||consumer.gov/idtheft||1-877-IDTHEFT|
|International Check Services||N/A||1-800-366-5010|
|Identity Theft Resource Center||idtheftcenter.org/html/self_help.htm||1-858-693-7935|
|Social Security SSN Fraud Hotline Administration||ssa.gov||1-800-269-0271|
|The National Fraud Information Center||fraud.org||1-800-876-7060|
|U.S.Postal SSN Fraud Hotline Inspection Service||usps.gov/postalinspectors||1-800-372-8347|
How Voya Financial Is Keeping You Safe Online
Voya Financial has implemented numerous security measures to safeguard the confidentiality, integrity and availability of our customer data, including authentication, monitoring, auditing, and encryption. Security measures have been built into the design, implementation and day-to-day practices of our entire operating environment as a part of our continuing commitment to risk management. These measures are designed and intended to prevent corruption of data, block unknown or unauthorized access to our systems and information, and provide reasonable protection of customer information we possess.
Implementing username and password requirements
When you set up online access to your accounts, you create your own unique username and secret password, allowing you safe and secure access to your accounts. We have proprietary monitoring and other protective procedures in place, such as limits on password entry attempts and multifactor authentication.
No matter how you contact Voya—online or by phone—we verify your identity before allowing you to access your accounts.
Multi-factor Authentication: If you or someone else tries to log in from a computer we don’t recognize, we may challenge you with one of the enhanced security questions you previously answered when you enrolled. This helps us ensure that it is really you accessing your account.
We employ some of the strongest methods of encryption commercially available today, in order to protect personal information such as your username and password or the contents of your portfolio as it travels from your computer to our systems.
To block unauthorized access, all of our computer systems are protected by firewalls or electronic barriers designed to prevent unauthorized access to our networks.
The technology we deploy for sending emails to our customers enables us to digitally sign our messages, so you can verify that our messages have not been forged or altered. We also encrypt sensitive customer emails when sending the outside the Voya network.
Our websites automatically log you off after an extended period of inactivity. This reduces the risk that others could access your information from your unattended computer or mobile device.
Constant systems surveillance
Our security teams monitor our systems around the clock in an effort to secure your information and ensure that only authorized access to your account is permitted.
Security at Voya worksites
Because we also print and deliver documents containing sensitive personal information, all Voya work areas are monitored continuously and access is restricted to authorized personnel only. Voya also enforces a clean desk policy that requires sensitive customer information to be locked away when not in use.
Restricted access to customer data
Just as we limit physical access to our work areas, we also restrict access to systems that store or process customer data, and we continuously monitor access to these systems. Access to our systems is given only to approved and authorized roles within the organization.
Our employees receive thorough training on our security policies, and each employee is held accountable for compliance with these policies. Employees who work directly with customers also receive additional training on emerging risks, such as phishing emails, targeted scams, and other forms of identity theft.
The U.S. Federal Trade Commission provides information on how to avoid phishing scams. Go to onguardonline.gov/phishing.
The Anti-Phishing Working Group (APWG) provides statistics on phishing attacks and advice for individuals and companies. APWG is a global pan-industrial and law enforcement association focused on eliminating fraud and identity theft that result from phishing and other online scams. Go to antiphishing.org.