On many Apple devices, the only way to access the serial is to actually log into the device and open Settings or About this Mac. If the attacker's able to do that then – in the majority of cases – they likely already have access to your mail and probably many other accounts as well. At that point, it's pretty much game over for you; containment's impossible.
(Two big loopholes on the Mac side are guest accounts and the recovery partition. Both of those offer ways to get your machine's serial number which do not require the attacker to log into your account.)
(Two big loopholes on the Mac side are guest accounts and the recovery partition. Both of those offer ways to get your machine's serial number which do not require the attacker to log into your account.)