I think they might. Maybe not all and always, but a thing about terrorists which can be quite mind boggling at times is that not everyone seems to agree who they are. Just look at how many countries are still doing business with Russia and other countries with less-than-stellar reputations. There may be plenty of parties who would actually not mind doing business with disreputable entities, for various reasons. I would assume they'd try to be a bit clever, but I wouldn't be surprised to see lax controls.
"terrorist" is an opinion or a judgment, not an objective fact. A better term in a KYC context "sanctioned entity" or somesuch.
If someone X is comfortable doing business with/as entity Y but a bank Z is not, it's totally sensible that X would say Y to the bank Z and bank Z would block them.
It is highly unlikely, but not impossible. Anecdotally, I did see a case of a business that put a real location of the business they are working with, which happened to be in a sanctioned country. Needless to say, it generated all sorts of questions and eventual OFAC contact.
Bottom line is: it happens, but I agree with you that people that know what they are doing are not putting "Pay for assasination by Osama Bin Laden on 03/28/23" in reference field.
