The email vulnerability seems easy to avoid by using encrypted channels of communication (like nostr). The other vulnerabilities seems be present in PayNyms as well. Its probably wise to mix your funds in either case and to avoid consolidating them whenever possible.