If I want to call someone using a different caller ID through twilio, twilio makes me verify ownership of that number.
But of course, then twilio is only doing this to keep scammers off their own platform. Since the telcos don't validate anything, there are plenty of less scrupulous providers that don't validate anything.
So all the telcos need to do is require anyone providing access to their networks to validate their caller ID numbers.
I actually deal with (part of) this problem from the other side: I maintain text messaging for the biggest company in our sector.
Within the last few months, we've been running into issues where our phone numbers are actually being stolen by these third parties.
Service providers are SUPPOSED to receive letters of authorization before porting a number. I.e. if I want to use my phone number on Twilio, I need to provide a letter showing ownership of the number (or blocks of numbers) I wish to provision on their platform.
Twilio, BTW, is one of the good guys on this. But FWIW, if the number's already provisioned they can't really tell you when a number's been hijacked, you won't know till you try to use it and Twilio's API gives errors.
Anyway... big takeaway is our numbers keep winding up 'stolen' by another provider (not Twilio). Every time we email them, they release the numbers back to us, but asking for LOAs to see how this happened gets crickets. Oh and this process leaves the numbers unusable for 1-3 business days.
But of course, then twilio is only doing this to keep scammers off their own platform. Since the telcos don't validate anything, there are plenty of less scrupulous providers that don't validate anything.
So all the telcos need to do is require anyone providing access to their networks to validate their caller ID numbers.