Post by account_disabled on Dec 12, 2023 15:33:11 GMT 7
Messaging costs are very high. You may also notice that short text messages are sent to similar numbers, which often have similar endings or look similar: + + + + etc. Additionally, you may notice a non-standard direction in which messages are sent, for example in a given city or region and messages are sent to, for example, Asia or South America - this should automatically give you a lot to think about!

Best Practices for Preventing SMS Traffic Scams

Disabling geographic permissions for unused countries

Making sure to disable countries that you do not intend to send messages to will reduce the likelihood of traffic fraud.
You can control SMS geo-permissions on your account by enabling SerwerSMS traffic cost protection in the Shield ecosystem. Enable traffic cost protection and set a rate limit to ensure that your application does not send one message every X seconds to the same range of mobile numbers or prefixes. Enforce rate limiting by user IP address or device ID. To do this, you can use a CDN like Cloudflare or implement modules on web servers like Nginx and Apache for basic rate limiting. Rate limits may not prevent % fraud, but they will significantly reduce the potential damage.

Detect bots and refresh the user experience to prevent them

Libraries like botd or CAPTCHA (Completely Automated Public Turing Test to Distinguish Computers and Humans) can help detect and block bot traffic. Small changes to the user experience, such as ensuring users confirm their email address before signing up for FA, will create a lot of friction for legitimate users, slowing down or leading to poorer user engagement, but may prevent automated scripts and bots.

Implementing exponential delays.
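
The controls listed in the post (a country allowlist, a rate limit per number range and per client, and exponentially growing delays) can be combined in one gate placed in front of the SMS send call. This is an added example, not part of the original post and not SerwerSMS code; the class name, the constants and the "+48" allowlist are assumptions chosen for illustration.

```python
import time
from collections import defaultdict

# All values below are constructed for the example.
ALLOWED_COUNTRY_PREFIXES = ("+48",)  # only destinations the application really serves
RANGE_KEY_LEN = 9     # leading characters of the E.164 number treated as one "range"
BASE_DELAY = 30.0     # seconds to wait after the first message
MAX_DELAY = 3600.0    # upper bound for the exponential delay


class SmsGate:
    """Decides whether an SMS may be sent to `number` on behalf of `client_id`."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        # key -> [messages counted, earliest time the next message is allowed]
        self.state = defaultdict(lambda: [0, 0.0])

    def _blocked(self, key, now):
        entry = self.state[key]
        if now - entry[1] > MAX_DELAY:  # long quiet period: forget the history
            entry[0] = 0
        return now < entry[1]

    def _record(self, key, now):
        entry = self.state[key]
        # Delay doubles with every accepted message: 30 s, 60 s, 120 s, ...
        delay = min(BASE_DELAY * 2 ** entry[0], MAX_DELAY)
        entry[0] += 1
        entry[1] = now + delay

    def allow(self, number, client_id):
        # 1. Geographic permissions: reject countries that are never served.
        if not number.startswith(ALLOWED_COUNTRY_PREFIXES):
            return (False, "geo_blocked")
        now = self.clock()
        # 2. Limit both the destination range (sequential numbers share it)
        #    and the requesting client (IP address or device ID).
        keys = [("range", number[:RANGE_KEY_LEN]), ("client", client_id)]
        for key in keys:
            if self._blocked(key, now):
                return (False, "rate_limited:" + key[0])
        # 3. Count the message only when every check passed.
        for key in keys:
            self._record(key, now)
        return (True, "ok")
```

Keying the limit on the number range as well as on the client matters because requests for neighbouring numbers can arrive from many different IP addresses.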