Did you read the article that mnordhoff linked? It explains Let's Encrypt's position on being a gatekeeper for domain names.
Well, it's a lot of guesses in the article. In practice, I don't think it will make a huge difference as it's just as easy to get a single wildcard as it is multiple single domains, and I don't see that a scammer would want to run a bunch of scams on a single parent domain.
My understanding is that the list is mostly for "high risk" domains with different TLDs. It likely wouldn't catch "paypal.example.com," for example.
The more work Let's Encrypt has to handle manually, the more expensive it will be to keep the service running and the harder it will be to keep it up and running, especially at no cost to the end user (and managing payments is expensive too).
One thing to note is that Chrome will be soon dropping the padlock for DV secured websites and reserving the notification for EV, where the actual end entity is verified. The browser UI should change as DV (and OV) certificates only prove that you're talking to the domain you are at and no intermediate is listening in.
You're welcome to pay the fee at a different provider, if you want. The system still exists and those companies are still making decent money.
Ultimately, catching a fraudulent domain should be the responsibility of the domain registrar, not an external service.