SMS Traffic Pumping is costing you more than you realize


Artificially Inflated Traffic

What is the true cost of SMS Artificially Inflated Traffic?

As technology evolves, so do the fraudsters. 


We've seen a rise in fraud where bad actors target phone verification forms with thousands of requests. This type of attack, known as SMS Traffic Pumping (aka SMS Artificially Inflated Traffic), similar to attacks like International Revenue Share Fraud (IRSF), causes inflated traffic to your app with the intent to make money but not to steal information. 


Through this fraud scheme, fraudsters license high volumes of phone numbers from carriers for the purpose of generating large quantities of text messages in exchange for revenue sharing from the carrier or aggregators distributing through that carrier. 


Unfortunately, this means you might be hit with higher than expected bills from your telecom provider if your application isn't designed to prevent it. While this is a globally-recognized, growing challenge, it’s often more prevalent across mobile carriers in less regulated markets. 


What can you do?


Does your business send SMS One-time Passcodes (OTPs) at onboarding, logins, or high-value transactions as a second factor of authentication? The Twilio Verify API now offers Automatic SMS Fraud Detection to mitigate SMS Traffic Pumping attacks. Twilio Verify is a turnkey, fully managed API, purpose-built for OTP use cases. 


Sign-up or login flows that rely on SMS OTPs are among the easiest and most vulnerable to fraudsters attempting to take advantage of.



Increase in conversion rate from enabling Verify Automatic SMS Fraud Detection


Decrease in Cost-Per-User from enabling Verify Automatic SMS Fraud Detection


Reduction in daily spend
from enabling Verify Automatic SMS Fraud Detection

Calculate your hidden fraud costs

Please do not include $, %, other symbols or commas in your answers