| I've read through a lot of the responses and I am still kind of confused how the fraud actually works: 1) Scammer leases a "premium phone number" from a provider. From doing some reading, premium numbers are where the caller/texter pays extra for interacting with the service at this number. So like a 1-900-phone-sex line from back in the day, where if you call, you get charged like $5.00 a minute. The provider leased the number to the phone sex operator for $1 per minute. The phone sex operator runs the service and charges access via your telco at $5 a minute, and ends up netting $4. The telco bills you $5 for your 1 minute call. 2) In Twilio's case, they get a request to send a text to a premium phone number leased by the scammer. This text is actually initiated by the scammer, via something like requesting a new one-time password. Twilio sends the text. 3) Twilio then determines that the destination number is a premium phone number. Twilio charges you extra for sending the text because of this. Twilio then remits a payment to someone, either the scammer or the premium phone number provider. 4) Scammer repeats step 3 a very large amount of times and collects. Twilio bills you for all of those texts they sent, on your behalf, to the scammer's premium number. Step 3 is where I am confused. How do the payment flows work. Is Twilio remitting the money to the scammer, who then needs to pay for the leased number? Or are they remitting the payment to the premium phone number provider, who then pays some portion of that to the scammer? And come to think of it, how does the phone sex line example work? Which entity actually contracts with the telco to set the cost/toll? |
So, rent one of their numbers with a fee attached, get a bunch of CAPTCHA texts sent to your number. Your carrier charges Twilio some amount for each call, then sends you a check for some percentage of that.