They don't need to be verified through E-mail or through the phone, though. A simple landing page after you sign up that says: "We signed up [E-mail] for this service using [phone number]. If this is incorrect, [click here] to make corrections" would work, too.

Frankly, I'm getting tired of having to constantly "verify" this and "confirm" that every time I sign up for or log into an online service. It's especially annoying after I've already signed up. Every bank that I haven't logged into for the last 5 milliseconds hits me with a "confirm your E-mail yet again" flow. I'm going to just start using "password" for my password if these guys keep insisting on round-tripping through my E-mail every time I need to do anything.

If you used a username, you wouldn't have this problem. As it stands, signing up someone else's address for a lot of sites to spam them with confirmations is already an attack vector that's used in the wild. And that's legitimate spam and should be reported as spam and sites that do this are spam amplifiers.