Woman mobile banking on a bridge
Patrik Giardino/Getty Images

The data breach at Equifax left half of all Americans’ most personal information open to hackers.

“Imagine your worst nightmare, and that might not be bad enough,” says Adam Levin, chairman and founder of data defense firm CyberScout.

You need to act now. If you’re concerned that your identity may be at risk, here are five ways to protect yourself.

1. Don’t hesitate: Freeze your credit

Equifax is now offering a free credit freeze that can block fraudsters from opening accounts in your name. Rival credit reporting agencies TransUnion and Experian have seen jumps in the numbers of people requesting credit freezes from them.

But obtaining a credit freeze and then unfreezing your credit reports when you apply for a new credit card or cellphone can be time-consuming.

Apart from Equifax’s free offer, you’ll usually have to pay around $10 to set up the process, and then pay again when you want to lift the freeze to take out a loan.

One trick is to ask, say, a credit card issuer’s sales representative which credit agency the company works with, and then unfreeze only that corresponding credit report.

A freeze offers a great first line of defense, says Eva Velasquez, president and CEO of the nonprofit Identity Theft Resource Center.

“Rather than complaining that something is inconvenient, you need to complain when something isn’t secure,” she says.

2. Monitor accounts and your credit

The Equifax hack involved almost 300,000 credit card accounts, so hackers may be able to make purchases without your knowledge.

While you’re generally not liable for fraudulent credit card charges, identity thieves are becoming more sophisticated. And, if you don’t discover a bogus charge, you’ll pay.

One way to know know instantly whenever there’s been any unusual activity involving your credit card or checking account is to set up mobile transaction alerts.

You’ll also want to monitor your credit card and checking and savings accounts daily, and keep monthly tabs on your FICO credit score. Many credit cards offer your credit score, derived from one credit bureau or another, on each statement.

Order your credit reports from all three reporting bureaus and go through them for any mistakes.

You can get a free credit report and score from myBankrate.

3. Add new layers of security

Safeguard your accounts by enrolling in two-factor authentication, which would require you to log on using both a password and a one-time code sent to your cellphone. That would make it more difficult for a criminal to gain access.

Many Americans fail to understand two-factor authentication. Only 10 percent could identify it correctly in a recent survey by the Pew Research Center.

You’ll also want to set up a PIN code with your wireless provider, so a customer service agent wouldn’t be tricked into allowing a hacker to commandeer your phone.

And, establish a system with financial advisers who have  access to your investment accounts so it would take more than just a simple email from you to get them to wire money from your funds.

“Good identity protection hygiene should be as rote as brushing your teeth,” says Velasquez. “You just need to know that’s what you got to do.”

4. Be careful with your taxes

Identity thieves don’t stop with credit cards.

While the IRS has reported that the number of tax fraud victims fell to 377,000 in 2016 from almost 700,000 in 2015, fraudsters are still interested in pinching whatever refund you have coming to you.

File your return as early as possible, and change your withholding to lower a potential refund.

If you think you’re the victim of fraud, file the identity-theft affidavit, Form 14039, with the IRS.

5. Watch your emails and snail mail

Hackers also may use stolen information to send you a phishing email – a note that looks legitimate but contains links to malware.

Fraudsters can use these emails to get you to click on encryption ransomware, which can block you out of your photos and sensitive files until you agree to pay a ransom to regain access. Backing up your data on a hard drive is key.

Get into the habit of reading email carefully before responding, paying special attention to the sender. A scammer might hide behind a name that looks familiar, but the spelling will be off by a letter or two.

Give the same close attention to “explanation of benefits letters” you receive from your health insurance company. Levin, of CyberScout, recalled one 72-year-old woman he worked with whose health plan was charged for tests in two different states on the same day.

Every aspect of your financial life is vulnerable. Use the Experian hack as a catalyst to be your own sentinel.