What is SMS Pumping Fraud?

You will likely see a spike of messages sent to a block of adjacent numbers (i.e. +1111111110, +1111111111, +1111111112, +1111111113, etc.) controlled by the same MNO.

If you're sending SMS for a one-time passcode (OTP) use case, you will likely not see a completed verification cycle.

• Verify Fraud Guard : Verify is the market leading dedicated authentication and identity solution perfect for preventing SMS Pumping. Twilio recommends enabling the Verify Fraud Guard on your account. When enabled, this feature will block the transmission of suspicious and likely fraudulent SMS messages preventing unnecessary charges to your account.
• Verify Geo Permissions : Review your Verify Geographic Permissions and disable all countries that you do not plan to send messages to.
• Programmable Messaging SMS Pumping Protection : If migration to Verify isn't possible due to your configuration and you are using Programmable Messaging instead, be sure the SMS Pumping Protection feature is enabled. When enabled, it will block the transmission of suspicious SMS messages.
• Programmable Messaging Geo Permissions : Review our SMS Geo Permissions Guide and check the appropriateness of your Geographic Permissions in Console. Disable all countries that you do not plan to send messages to.
• Lookup Line Type Intelligence : Use Lookup Line Type Intelligence to get the line type of a number, then only send SMS to mobile numbers. You can also use this API request to determine the carrier and block carriers that may be (knowingly or not) causing inflated traffic. Learn more about how to build a carrier block list with Lookup in this blog post.

• Verify Fraud Guard
• Programmable Messaging SMS Pumping Protection
• Anti-Fraud Developer's Guide
• Best practices for phone number validation during new user enrollment
• Verification and two-factor authentication best practices