Ask HN: Daily Twilio OTP attacks, why, just why?

by sf4lifer on 9/19/2023, 9:44 PM with 5 comments

We're experiencing daily Twilio OTP attacks that create accounts. We block IPs and have throttled the rate of account creation. But other than running up our bills (~$10 / day), I don't understand what they gain from this. Why are they doing this? What am I missing?

by leftcenterright on 9/20/2023, 7:24 PM

Most likely this is being abused for SMS pumping fraud where rogue network providers/small providers complicit in fraud use the traffic to generate revenue.

- https://support.twilio.com/hc/en-us/articles/8360406023067-S...

by tripue on 9/19/2023, 9:52 PM

They often take a share of the revenue from those attacks through IPRN numbers or other fraud schemes.

by Raed667 on 9/20/2023, 4:33 PM

If your business is local, maybe limit the accepted numbers to a specific area or country.

Otherwise, try to understand whether they're automating account creation or doing it manually. Maybe a captcha/turnstile during sign-up can slow them down?

Anyway, Twilio really dropped the ball on this problem, but why should they care as long as it keeps making them money?
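
The country restriction suggested in the thread, combined with the throttling the original post mentions, can be enforced before any SMS is sent. The sketch below is an added example, not code from any commenter or from Twilio; it goes slightly beyond the thread by throttling per number range rather than per IP, on the assumption that pumped traffic clusters in adjacent numbers. The `OtpGate` name, the allowlist and the thresholds are assumptions, and the sample numbers are constructed.

```python
import time
from collections import defaultdict, deque

# Assumptions for illustration: a business serving only the UK, and these limits.
ALLOWED_COUNTRY_CODES = ("44",)
PREFIX_LEN = 8          # leading digits that define one "number range"
MAX_PER_PREFIX = 3      # OTP sends allowed per range per window
WINDOW_SECONDS = 3600


class OtpGate:
    """Decide whether an OTP SMS may be sent, before calling the SMS provider."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._sent = defaultdict(deque)  # range prefix -> send timestamps

    def check(self, number: str) -> str:
        """Return 'allow', 'deny_format', 'deny_country' or 'deny_rate'."""
        digits = number[1:] if number.startswith("+") else ""
        # E.164: '+' followed by at most 15 ASCII digits.
        if not (digits.isascii() and digits.isdigit() and 8 <= len(digits) <= 15):
            return "deny_format"
        if not digits.startswith(ALLOWED_COUNTRY_CODES):
            return "deny_country"
        recent = self._sent[digits[:PREFIX_LEN]]
        now = self._clock()
        # Drop sends that have aged out of the sliding window.
        while recent and now - recent[0] >= WINDOW_SECONDS:
            recent.popleft()
        if len(recent) >= MAX_PER_PREFIX:
            return "deny_rate"
        recent.append(now)
        return "allow"


if __name__ == "__main__":
    gate = OtpGate()
    # Constructed sample numbers (UK drama range, unassigned +999 code).
    for n in ["+447700900001", "+447700900002", "+447700900003",
              "+447700900004", "+99912345678", "447700900005"]:
        print(n, gate.check(n))
```

Logging each denied request together with its range prefix shows which number ranges are being targeted.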