Fraud Prevention
Blocking disposable and virtual numbers at sign-up
Disposable and non-fixed VoIP numbers can be obtained in bulk with no identity check, which makes them the cheapest tool available for promo abuse, referral fraud and multi-accounting. A single number type check at sign-up flags the numbers behind this activity before a bonus is ever claimed, without adding friction for a genuine mobile user.
Why sign-up abuse gravitates to disposable numbers
Referral bonuses, free trials and sign-up credits are designed to be claimed once per person. Abusing them at scale requires opening many accounts quickly, and the phone number field is usually the cheapest identity check to defeat: non-fixed VoIP numbers can be provisioned in bulk, often for free or near-free, with no identity verification attached to the number itself. A fraud ring or a single opportunistic user can burn through dozens of numbers in the time it takes to claim a bonus once with a genuine line.
This is a different problem from account takeover or document fraud. Nobody is impersonating anyone; the abuse is simply claiming the same offer repeatedly under technically distinct but practically disposable identities. The phone number is often the only field cheap enough for the abuser to churn at the volume needed to make it worthwhile, which is exactly why it is the most useful field to check.
Where to apply the check
Query the phone number as soon as it is submitted, before account creation completes and before any promo credit is issued. This is a single, fast API call, and catching the abuse before the bonus is granted avoids any clawback process later.
A non-fixed VoIP number is not proof of abuse by itself. Plenty of genuine users have valid reasons to sign up from a VoIP line. Treat a flagged number as a reason for a lighter-weight secondary check, such as delaying bonus credit until a follow-up action, rather than an automatic rejection, unless your risk tolerance and abuse volume justify a harder block.
Beyond number type, promo abuse rings often reuse the same small pool of numbers or number ranges across many sign-ups. Telebase returns the facts for one number per query; matching that against numbers seen on other recent sign-ups is logic your own fraud stack builds using this data, not something inferred automatically.
Example call
curl -s 'https://telebase.fatcatremote.com/api/lookup?phone=%2B447700900000' \ -H 'Authorization: Bearer tb_live_xxxxxxxxxxxxxxxxxxxxxxxx'
{
"phoneNumber": "+447700900000",
"active": true,
"carrier": "EE",
"country": "GB",
"numberType": "mobile",
"simSwap": "UNKNOWN",
"simSwapAt": null,
"_meta": { "activeSource": "LINE_STATUS" }
}
A numberType of nonFixedVoip on this same call is the signal to act on. See number type detection for fraud for the full set of values and how each correlates with risk.
Signals available today
Live in every response
- Number type: mobile, landline, fixedVoip, nonFixedVoip, tollFree or voicemail
- Active status: whether the number is currently reachable on the carrier network
- Carrier: the network operator serving the number
- Country: ISO country code of the number