It often surprises people what effort someone will go to to steal their identity.
Consider that you have a github account. You might be in the supply chain for a bit of code someone needs to read or backdoor to attack a company that you've never heard of. Github is a harder target though.
The scary ones are the real estate funds redirectors. They just need to be in your inbox for a little bit and boom, hundreds of thousands of $ gone because people don't take the time to re-verify bank account details by in person.
Okay? I don't think anyone would go to that trouble.
> Phishing you to get your password and then bribing or social-engineering someone at the phone company to forward your SMS-based 2FA codes to them.
Seems unlikely, I never log into my registrar's website. I do often have to enter my Google password though!
> Waiting for you to forget to renew your domain and then registering it.
It's auto-renewing.