Last week, Equifax announced a staggering data breach that has impacted 143 million Americans. This is considered the worst theft of consumer data in American history. Fraudsters now have access to 143 million Social Security numbers, dates of birth and address information.

The biggest question facing consumers: how can you protect yourself? Putting a credit freeze on your credit bureau has become the most common advice. According to the FTC, a credit freeze allows you to “restrict access to your credit report, which in turn makes it more difficult for identity thievesto open new accounts in your name.” The benefit of a credit freeze is that it becomes extremely difficult (close to impossible) to have new credit accounts opened in your name. Unfortunately, a credit freeze also makes it more difficult to apply for credit yourself (although not impossible). But I think the biggest risk of a credit freeze is a false sense of security. Just because you freeze your file does not mean you are out of risk. If you decide to freeze your report, remember to pay attention to these three key risks.

1. Misuse of Existing Accounts Remains A Major Risk

The most common type of fraud relates to misuse of existing (open) accounts. With the amount of information stolen from Equifax, you can expect fraudsters to attempt to gain access to bank accounts, credit cards and other financial accounts. Old-fashioned fraud is still the most effective, and sophisticated criminals can use the stolen data to call you and impersonate a bank. They will try to send highly sophisticated emails that look like they are coming from a bank (also called phishing).

Follow these simple steps to protect yourself:

  • Set up account alerts on your existing accounts. Most banks and credit unions offer free alert services so that you can be notified via email or text whenever there is a large transaction, deposit, transfer or new payee added. Set up and pay attention to the alerts.
  • Opt in to multi-factor authentication wherever possible. If your bank allows you to sign up for a service that requires you to receive a unique code via text message – accept it.
  • Always be wary of emails and phone calls from financial institutions. As a general rule, don’t click on an email and then provide your social security number. Go to the bank’s site directly. Call the number on the back of your card. But don’t fall victim to the highly sophisticated tactics that will likely emerge from this data breach.

2. Medical and Employment Identity Theft Still A Big Risk

If your Social Security number has been stolen from Equifax, it can end up for sale. Some people want to use a social security number to open new credit accounts. A credit freeze is a great tool to prevent that. However, a credit freeze will not prevent medical and employment theft.

Medical identity theft “occurs when someone steals your personal information (like your name, Social Security number, or Medicare number) to obtain medical care, buy drugs, or submit fake billings to Medicare in your name. If your Social Security number is attached to an unpaid medical bill (for services that you never received), the debt can end up with a collections agency and hit your credit report. Be very careful if someone reaches out and asks for your medical insurance number. By combing that with your social security number, the fraudster could start obtaining care under your insurance plan. Look closely at your medical invoices. And ensure you monitor your credit report and take action immediately if you see medical debt that isn’t yours.

With employment identity theft, someone uses your social security number to obtain work. Some employers report to credit bureaus, and a regular review of your credit reports could identify the issue. But every year, you should check your Social Security earnings on the government website to make sure you recognize the earnings in your name.