The entire domain registration system is borked
One of the dangers of using domain admin or anonymising services is that legally, the domain is owned by the entity whose details appear in the Whois entry. So technically, the anonymising service owns the domain and if they get bought out the purchasing entity could technically claim your domain and you would have no rights to it, since you aren't listed as the owner.
For this reason all our domain names are held via our own company contact. However, phoning the number we use for domain registrations will simply get you a recorded message with no further contact options. Since every spamming fuckwit on the planet scrapes the Whois listings, we registered a separate number which we don't use, because otherwise it just rings constantly with telemarketers, spammers, scammers and scumbags. So it's really a waste of time and money requiring a phone number, when the vast majority of them would either lead to pointless recorded messages like ours, be left off-hook, or constantly busy with spam calls and can't be reached anyway.
As to clicking on links in emails, this is something I simply don't do, unless I've specifically requested the email (e.g. for a lost password reset/recovery.) Any email claiming to be from our domain registrar asking us to verify our contact details would simply go straight into the spam bin, along with the thousands of other fake domain-renewal notices, account-verification scams, and similar-domain cybersquatter offers we get every day.
However we've never had a domain suspended for lack of verification so I assume the fact that we pay for them out of our company account is sufficient verification for our registrar.