Absolutely, and that is really the crux of it.
The scams these days all create a false sense of urgency in hopes of short-circuiting the customer’s anti-fraud thinking, basically by creating some situation which induces panic in the customer. It’s all the more insidious and cruel. As you say, it starts with elaborate groundwork in order to create some veneer of credibility. However, eventually it will go downhill into something which quite obviously isn’t right, like installing TeamViewer or sending money to a “safe account”.
I agree that’s what it is.
But they probably could perpetuate a fraudulent transfer if they were willing to use their own employee details to do so, the only line of defence would be the security code to my knowledge?