Trust me, it is relatively easy to create a reverse shell without triggering any AV software's static or behavior analysis.

Sure, editing one file is easier to implement, but you'd need to set up multiple phishing sites (e.g. online banking, multiple exchanges, etc.. ).
When considering the cost vs efficiency, you gain much more from simply setting up a reverse shell and extracting login details saved in a browser + recording keystrokes. With this, you gain access to every website the victim is registered with.