First off, the best thing to do is NOT carry around photos that might reveal another side of you best left private in the first place. But it could also simply be photos of your family/friends or a set of images of harmless, but embarrassing nature. Our smartphones are often filled with private moments for ourselves to remember and share at our discretion. There are few steps to make sure you don't befall to a remote hacker:
1) Don't open emails and/or follow links from people you don't know on your smart phone. Just like on your computer, malware developers attempt to lure people to specific websites they created for the sole purpose of stealing a person's private info, including SMS text database (including deleted messages), contacts, music files, and yes, your photos. Most believe this is how Scarlett's phone was compromised and it's easier than the average user may realize.
2) Be suspicious and careful about reading/answering SMS messages from unknown parties. Past security vulnerabilities have been exploited using this method across Google Android, iOS and Windows Phone platforms.
3) Be leery of remote unlocking services. Yes, it's tempting to have someone else do the dirty work when it comes to unchaining your device from a provider, but it also opens the doors to possibly having your phone compromised. Jailbreaking is a liberating and legal avenue to go down, but it's advisable you're doing the driving.
4) Set up your device with a strong password. As noted in the video above, avoid the pitfall of using weak and easy to crack passwords like "1,2,3" or your birthday.
5) Don't download apps from sites or developers without checking who they are and reviewing outside feedback. Even app site/store endorsed apps have been revealed to tap into private information on your phone and send it back to companies for their own (usually harmless, but uninvited) use. Someone could gain access using a trojan horse app with a similar technique.