Not sure about all the risks but one that comes to mind is SIM Swapping. If criminals can get enough information from your social media accounts, they may then get access to your phone account. That will let them switch your number to another sim card that they control. With that, they can intercept any calls or messages sent to verify your identity and gain access to any accounts using your phone for 2FA.

Another one is how most 2g and 3g services (some SMS and voice connections) have known vulnerabilities. Unfortunately not just software security vulnerabilities, but also bad actors that can lease access within that system. That combination can allow for attacks within the underlying systems that make the target completely unaware for periods of time that their messages and voice calls are being intercepted, including 2 factor authentication content over SMS.

Veritasium has a cool video about it. https://youtu.be/wVyu7NB7W6Y

If possible, it is best to not rely on SMS authentication for privacy.

Just to clarify a few things from other comments. SMS MFA is still leagues above not having MFA for security. It’s not great but it will protect you in like 80% of cases where you would’ve been hacked if you didn’t have MFA at all. The primary problem with services that require any additional data from you though is that is an additional source for a leak. The same thing goes for name, address, phone number, etc. Phone numbers can be added to scam call lists which open you up to additional breach opportunities in the future, SIM swapping attacks, or even just using it as a number to spoof for other attacks. For most accounts that I don’t care about I would be reluctant to give my number as for those sites I value privacy over security, but that’s a separate discussion.

Beyond the hacked SMS system thing, you’d be amazed how many places sell your number to data brokers and those data brokers have no issue selling to scammers. I used to get dozens of spam and scam calls a week. I used a service to purge myself from data brokers and switched my phone on all services to an SMS only phone number and I now get at most 1-2 spam calls a week and the scammers stopped entirely. From this point forward unless I absolutely need to talk to you you’re not getting my phone number.

Maybe this is an old millennial problem, but I’ve had the same cell phone number for over 20 years. The number would actively link me to whatever. But that doesn’t really bother me too much.

What does bother me is that I get enough spam calls as it is. If you don’t carefully read the ToS/EULA/privacy policy when giving them your number for “verification”, you may be giving them permission for marketing calls or to have your number shared with their affiliates.