Their game is high-volume-low-cost/effort, which I think is the main reason that this approach does significantly cut fraud volume (admittedly at, typically, a tiny cost in lost sales).
A lot of them are just stuffing stolen credit card numbers to try to find which ones still work, anyway, so they don't care about breaking into your system in particular, they just want to find any system that will let them attempt a charge. If they're finding enough of those using cheap or free anonymous accounts from low-credibility email address providers, they have no reason to spend more time or effort on it.
Blocking these providers doesn't mean you won't still see better-targeted fraud attempts, but it cuts down on a ton of the low-effort but high-volume automated crap—and that stuff can kill a merchant payment processing account in a weekend, if you're not pretty good at blocking it.
A lot of them are just stuffing stolen credit card numbers to try to find which ones still work, anyway, so they don't care about breaking into your system in particular, they just want to find any system that will let them attempt a charge. If they're finding enough of those using cheap or free anonymous accounts from low-credibility email address providers, they have no reason to spend more time or effort on it.
Blocking these providers doesn't mean you won't still see better-targeted fraud attempts, but it cuts down on a ton of the low-effort but high-volume automated crap—and that stuff can kill a merchant payment processing account in a weekend, if you're not pretty good at blocking it.