You’re right to call out NameCheap’s shoddy practices, but at the same time it feels like the problem of SMS fraud could be well-mitigated by the mobile networks? There is already the 7726 spam reporting service – yet information on what the mobile networks do with reports made to this service is scarce. (Is it just there to make people feel better?) A common pattern I see is for scam messages to start with the company name and contain a URL; e.g. “DELIVERY COMPANY: Your parcel has an unpaid £1.45 shipping fee. Please pay this now via: not Delivery Company’s website. Your package is at risk if this fee is not paid.” There are a small number of companies whose brands get targeted in this way – banks and delivery companies seem to be the targets at the moment. Could the mobile networks take a more active role and liaise with these companies to establish what domain name(s) they are going to use in their SMS notifications – and when they are asked to deliver messages that match known fraudulent patterns containing a brand name and a URL that don’t correspond with each other, they instead route the message to /dev/null?