FTP is an ancient protocol that offers no encryption. It means username and password are sent unencrypted.
What that does mean is anyone that controls the router or any sniffing upstream of your computer can see it.
If you're connected to an insecure or badly configured wifi or public wifi someone else on that network can see it.
Any sort of packet logging trojan on your computer can see it.
And if they can see it, they can steal it.
Which means you could lose your login credentials to a 3rd party who could then abuse it.
There are methods to make this dated protocol more secure. One of which is FTP-TLS. Shutterstock does not support this.
Another, cheaper option for the provider is to use a different user/password for FTP than the main site so if credentials are stolen you cant actually do anything with them. Most stock providers i use do exactly that with the exception of SS.
So just in theory, assume you connect to shutterstock through an insecure public WiFi. Someone else on that network is busy sniffing all users data and your SS details get noted. He then logs into SS as you and redirects your payment address to his own and steals your money.
For an added bonus, if you reuse passwords elsewhere he can possibly log in as you on other sites too.