I mean, this is a great article and a good write up of something folks fail to consider, single points of failure. but some stuff –
Compromising photos – don’t take these. Like for real, is it that hard to not take digital photos of your cock and or tits, or your partner’s genitals?
If for some reason you REALLY want a digital copy, TURN OFF ANY PHOTO UPLOADER YOU USE. uninstall it. whatever. physically copy it to a secure location.
And don’t use one email for everything. My gmail is bound to a lot of money stuff, a separate gmail is bound to all crypto currency stuff and my old hotmail is bound to nothing valuable whatsoever and is the junker for places I need a persistent account that I won’t associate with a credit card or payment method. And that’s just one minor way payment stuff is segregated.
All that said though, this article effectively highlights why even 2fa isn’t perfect if someone has a good reason to target you. I was not aware you could begin a sim port without any correspondence with the account holder – this seems like an oversight. Yes, social engineering could be the case here and it could be that all they needed was the phone number, or something stupidly public like the phone number and mother’s maiden name (STOP USING THAT) and for the love of christ if you suddenly can’t login to your accounts after receiving “new logon” emails, PANIC. Immediately start your lockdown plan and start battening down the hatches – starting with the attacked account concurrently with anything moneyful associated with the account.
And for the love of christ, sign up for haveibeenpwned.com and pay attention every single time your passwords show up on something. Minimize public information, minimize associated account names – for example, all the crypto currency