This story is told by TV reporters in Salt Lake CIty, UT, and although I don't usually post info about TV shows, I'm making an exception, since the crime that was described sounds like something unusual.
If you can provide details about how such a fraud could be perpetrated, please send in a reply with details. Thank you!
This is a pretty common form of fraud. The perpetrator generates a legitimate 2FA message, e.g. by clicking the “forgot password” link on the T-Mobile website. The fraud is in tricking the victim into divulging the subsequent code.
The safeguard I keep in mind is that if someone calls me, the burden is on them to prove their identity to me. It’s a pretty clear indication of fraud if someone calls me and then asks me for confidential information. Most well-designed customer service systems take this into account and train their reps accordingly.
I have gotten occasional legitimate calls from a bank’s fraud prevention department about a questionable transaction, e.g. a card-not-present transaction made in another country, but they just ask me if I made the purchase without needing me to give them a PIN or anything.