The signal based on private information is what’s causing the harm not the movement of money. They could cause the same harm by encoding a signal in the timing of a money transfer, or hell using carrier pidgins.

I could send your username and password using similar methods, the medium doesn’t matter here but the signal and their attempt to hide it does.