Did anybody experiment using Twillio (or similar) to receive 2FA SMS?
There are a few service that I use that mandate or only provide SMS as a 2FA. Using Twillio seems rather ideal since they have stricter control to porting numbers. The message probably is harder to intercept as well since it goes to their servers directly. And finally the phone number is harder for an attacker to find out since it's not my day-to-day number.
I tried this for a bit, but it turned out a number of services (Google, Facebook) would fail (silently) when sending an SMS to Twilio numbers.
It might no longer be true as there was a Twilio support page that confirmed this behaviour but is now just a 404[0] (though you can see a mention of it on StackOverflow[1])
A lot of services reject numbers from known VoIP providers as a way to reject fraud (and I guess prevent people from defeating number-based marketing/advertising tracking by using unique numbers?).
You can work around that by using lesser-known providers. In the UK, Andrews & Arnold (https://www.aa.net.uk) provide UK mobile numbers which don't seem to be rejected by anything.
It’s about making bans for fraud and abuse more expensive to repeatedly evade. The expected value of a few extra spam messages is lower than the cost of a new number.
There are a few service that I use that mandate or only provide SMS as a 2FA. Using Twillio seems rather ideal since they have stricter control to porting numbers. The message probably is harder to intercept as well since it goes to their servers directly. And finally the phone number is harder for an attacker to find out since it's not my day-to-day number.