Founder of https://www.plivo.com here. We have seen similar patterns of fraud on our customers primarily in the international markets, outside the US & Canada. It typically happens on repeating number ranges that are sometimes not even in service. MaxPrice approach did not work well based on our experience as this would lead to just blocking certain destinations completely. Alternatively, what we found better was have a geo permissions related options where customers could block destinations that are never used at a network level and additionally introduce rate limits for those networks, so its not open to an attack. Plivo's console screenshot here: https://www.dropbox.com/s/kbw3l0oyw7fcjmr/plivo_console_sms_...

You can also use geo-permissions to block delivery to certain countries: https://console.twilio.com/us1/develop/sms/settings/geo-perm...

author here: awesome, thanks for sharing this pg_bot! :)

What would be the reasonable value to set maxprice to?

That's up to you; Twilio's pricing varies from country to country. US is less than a penny per text; Russia is $0.70 each. Set according to your needs.

Depends on where you send SMS. Ten cents should cover most of the world, but there will be exceptions.

Does anyone know of a good maximum price cutoff to use for SMS that would allow most non-fraudulent messages while blocking expensive fraudulent ones?

How is this fraud?

If you require me to use SMS (deprecated), you are doing me a disservice and you should pay for the consequences.

Use e-mail. It's free, works across countries, across SIM cards, allows for alphanumeric IDs, and is decentralized and not controlled by telcos.

> Use e-mail. It's free

And the email that my service sends you so that you can complete registration will land straight in spam where you won’t find it.

I’ll stick to SMS for activating accounts.

I don't receive SMS, so I won't find that either. It's dated tech and I deprecated it 10 years ago.

Also, we're SIM-swapping global nomads now, not some potatoes that sit on a couch in one country all year long. Phone numbers don't work anymore.

You may be in the minority here. As you are the only one inconvenienced, it also seems like a reasonable decision.

I think we're talking about all of Gen Z, not just me

Some folks build (or use) telecommunication systems that work for (cell) phones. Believe it or not but for receiving a notification via text message you nobody needs to install any apps or even require a smartphone and/or internet access :)

It's still mostly used for malicious tracking. In many countries you have to use your identity to get a phone number, and SMS verification exploits this to track users.

Never heard of getting a convenience store burner phone for cash?

This is not possible in most of EU markets, KYC is mandatory and even prepaid SIM cards must be registered and verified with ID before SIM is used for data or calls. Old SIMs without registration were blocked until they would be registered. Some exceptions may exist, but this will be harder and harder in future.