As Bruce Schneier recently pointed out, MITM attacks are now much more common, and likely to become widespread.
Now, if they used that cell phone message to authenticate the exact transaction you are performing, you'll be much more secure.
Of course, if it's too easy to update the cell phone number, all bets are off.
Where's the 'delusional' mod when you need it?
Nothing in progression can rest on its original plan. We may as well think of rocking a grown man in the cradle of an infant. -- Edmund Burke