To be fair, with LE you do need to verify you're requesting the cert from the domain for which you're requesting it, so there's some validation. It would be really difficult (for me, impossible) to get a Let's Encrypt cert for, say, wellsfargo.com. It's not one of the fancy CV certs like at https://www.grc.com/intro.htm, but they're the same certs Amazon.com uses.