TBH I would consider this type of fraud of a more Robin Hood variety. Companies that still encourage weak security practices like sms 2fa (or even worse, just hoover your PII under the guise of it) should be defrauded of their money as much as possible.
