tlb parent
It's also not very hard for scammers to get a SIM card for your number, unless you're using a carrier that specializes in not allowing SIM swapping attacks.
That's why 2FA is called 2FA. It should require two factors. SMS + Password, for example. So scammers would need to steal both password and perform SIM swap, which hopefully is a bit harder.
I dislike SMS 2FA and services that use my phone number as a stable identifier, however SIM swapping is not really a thing in most countries.