hi gus_lippolis,

Congress has provided and the Federal Communications Commission has issued rules including a loophole for certain telecom companies not to comply with spoofing prevention measures such as STIR/SHAKEN.  On the other hand, Zoom Phone has completely implemented STIR/SHAKEN. 

The Federal Communications Commission has provided major carriers who continue to use ancient technology known as Time Division Multiplexing (TDM) with an exemption.  Some large carriers still have legacy TDM telecom equipment that is not compliable with STIR/SHAKEN.  You can see the list of the carriers which have not implemented STIR/SHAKEN or only partially implemented STIR/SHAKEN in the FCC Robocall Mitigation Database. 

STIR/SHAKEN requires the authentication of the caller-id number by the originating domestic carrier or gateway carrier if the call originates from overseas.  If all telecom companies had to comply with STIR/SHAKEN and the FCC enforced this requirement, spoofing would be greatly reduced. 

Second and equally important are rogue VOIP companies that help scammers and spoofers.  FCC and state attorney generals have tried to stop these bad actors, but it is very difficult to do.

Suggestions are to contact your congressional delegation to amend the law, file complaints with your state attorney general, the Federal Communications Commission, and the Federal Trade Commission.

As Nationwide Fraud Losses Top $10 Billion in 2023, FTC Steps Up Efforts to Protect the Public | Fed...

https://www.fcc.gov/spoofing

thanks,  eliot