You can send domain-bound one-time passcodes with Twilio Verify to prevent SMS phishing by restricting where codes will autofill to your legitimate, authorized domain, making it harder for attackers to succeed. The format of the messages is standardized and supported by Apple and Google, and you need a free Twilio Account, a Verify Service SID, and a custom Verify template to start sending OTPs with Twilio Verify. To request a custom Verify template, you contact Twilio Support team providing your account details, message body, name, locale, and confirm if the template will be used for specific regions. After support creates your template, you can set it as a default template for a Verify Service in the Console or with the API, and add domain-bound autofill from your application frontend to take full advantage of this feature.