Account takeovers are a different beast that are closer to someone breaking and entering your house, then raiding your fridge and stealing your TV. The literal man in the middle attack described in the article here, where a legitimate transaction is hacked into an illegitimate one, is orders of magnitude more difficult to execute for type of any electronic payment.
I would argue it's a lot harder to physically intercept a check and chemically wash it than, for example, a credit card number punched online. There are numerous trivial phishing methods to get someone to punch in or reveal their CC details online. And then again if companies don't store the data properly, they are subject to trivial insider attacks and hacks.
They would then need to bypass 3d secure aproval process OR use a website without in which case you get your money back just by calling. (note: instant notification for transactions on phone means you catch it fast)
You could use a bank with disposable one-time credit card numbers.
You could disable online payments and only enable then when you do transactions.
You could set up limits, say 100$ a month, after which transactions get denied unless you alter it. So you wont be incovenienced too much if you do need a card for netflix and other recurring payments.
There are so many ways electronic payments are more secure in new banks that care about this.
A famous case of Amazon ATO (account take-over) was trivially executed where a fraudster would use one of the Amazon checkout paths with a credit card that they own (e.g. a disposable Visa gift card) but later add a victim's email so that the credit card would get added to the victim's account. The fraudster would then call Amazon support, impersonate the victim, proving their identity by using that credit card number, expiration date, and CVV, and claim that their phone is stolen. Amazon support would then "update" the victim's account with the phone number under fraudster's control. The fraudster would then use the "forgot password" flow to reset the victim's password using the phone. Game over, the fraudster now controls the account (and the real CCs added to it) through no fault of the victim (nor their knowledge). They would go on by purchasing electronic gift cards (iTunes/X-box/etc.) and selling the numbers on eBay for real money.
This specific flow has since been fixed, but ATOs still happen much more than you can imagine.
