Business Communications: Best Practice Advice from the National Cyber Security Centre
How to protect your brand, customers, and bottom line
The National Cyber Security Centre (NCSC) has published new best-practice guidance for businesses using SMS and telephone communications: a timely reminder that trusted messaging is vital to customer protection.
The challenge
SMS and phone communications remain among the most powerful channels for reaching customers quickly and reliably. Yet the same strengths that make them effective are also what attract criminals. Fraudsters can easily imitate legitimate brands, spoof numbers, or manipulate links, eroding consumer confidence and exposing businesses to financial and reputational harm.
Building trust through best practice
To protect your customers and your brand, NCSC advises businesses to:
Create trustworthy content – Avoid unnecessary personal data requests or suspicious links.
Communicate through a single, consistent voice – Limit the number of sender IDs and communication routes to reduce confusion and risk.
Ensure transparency from your SMS providers – Work only with suppliers who adhere to the A2P Code of Conduct, participate in the MEF Registry, and are open about their delivery routes and partners.
The critical takeaway: stop sending to unallocated or virtual numbers
Do not, under any circumstances, send to unallocated or virtual numbers.
These numbers have no legitimate user behind them and are frequently exploited by fraudsters engaging in Artificially Inflated Traffic (AIT) — a type of fraud that costs businesses millions each year in fake SMS traffic and wasted spend.
The NCSC’s message is clear: if your systems don’t filter out these numbers before sending, you’re at risk.
That’s where HLR Lookup help.
Our real-time number validation and HLR lookup services identify unallocated, inactive, or virtual numbers before you send; ensuring your messages reach genuine users, not fraudulent endpoints.
By integrating HLR Lookup into your communications process, you can:
Prevent AIT and wasted spend
Protect your sender reputation
Improve deliverability and ROI
Strengthen compliance with NCSC and Ofcom guidance
SMS authentication and fraud prevention
For businesses using SMS for one-time passcodes (OTPs) or authentication, NCSC also advises:
Restrict API access and validate inputs
Limit retry attempts and block automated requests
Restrict international sends if not required
Deploy fraud detection and bot-blocking measures
These steps, combined with real-time number intelligence from HLR Lookup, form a robust defence against SMS fraud and revenue loss.
A safer telecom ecosystem starts with data intelligence
Spoofing and signalling manipulation continue to challenge the industry, but strong governance, transparent routing, and proactive number validation can make a measurable difference.
By adopting the NCSC’s recommendations, and integrating HLR Lookup’s real-time validation tools, businesses can protect consumers, safeguard their communications, and build trust that lasts.
For more about our HLR and number validation solutions speak to our team info@hlrlookup.com.
Written by Claire Connor
Chief Marketing Officer at HLR LookupThe centralised HLR lookup service. We provide dependable status lookup for mobile telephone numbers. We welcome any suggestions for blog posts and are happy to share our insights. If you’d like the team to write up an article about a specific part of HLR Lookup please email us at info@hlrlookup.com.
HLR Lookup – Phone number validation for businesses
Register now for a free HLRLookup account.
