As I understand it, for phone network calls, the calling line id is provided by the telco, not by the caller. So it should be possible to prevent all spoofing of local numbers provided that all Australian telcos act with integrity.
That could be coupled with measures that ensure that no phone network call originating outside of Australia can ever appear to originate within Australia. (So if the call originates outside Australia then you can be confident that you will be told this but you can’t be confident in the actual identified number.)
However it is unclear how much scamming those two measures would really stop. By analogy, you can be 100% confident in the domain name of a secure web site, but the web site can still be a scam / spam. So you know the web site is not the real thing if it is attempting to spoof a well-known web site but some people will still fall for it.
Another complication is that a phone number really represents an inbound call so may not have any meaning or relevance to an outbound call (which most spam / scam is). This is more of an issue for VoIP services.
A related problem is spoofing of the number appearing on text messages.
One would need to distinguish between authentic and authenticated.
In a conventional phone call there is no realistic way for the originator of the call (the actual calling party) to authenticate. (This is by contrast with VoIP where it should be the case that the calling party’s VoIP provider can always authenticate the calling party, perhaps even on every call. This is done by username/password. Of course if that information is stolen then VoIP is much easier then to do spoofing.)
Let’s see what telcos come up with.
I don’t think this is right. It is far easier to spoof email addresses - because, while in theory mail service providers could demand authentication
a) they don’t necessarily do so
b) those providers can be anywhere in the world and hence not appropriately subject to Australian law
c) there can be any number of such providers, who appear and disappear at will
d) always demanding authentication will cause problems in legitimate scenarios.
There are a range of measures that combat email forgery but the topic is too large to digress onto in a topic that is focused on phone numbers.