
A lot of people in this thread saying SMS is bad for 2FA. It’s not. Just because you can spoof the sender field doesn’t mean you can spoof being a receiver. Only the valid number will ever receive the 2FA code.


SMS is bad for 2FA not because it can be spoofed, but because of SIM-swapping attacks that let the attacker trivially take your 2FA codes from you---gaining access to your protected accounts while you're locked out. NIST recommended against using SMS for this reason in summer 2016.


But who can read the messages that go to the valid number? How can unwanted people gain that access?



