Your phone provider doesn’t verify incoming caller ID. It’s sort of like looking at the return address printed on an envelope. The person that mails the letter can put anything they want on there, because their carrier lets them.

It’s entirely possible to do this securely, but until we start making phone service providers liable for spoofed caller IDs, they don’t have much motivation.

Basically if you get a call from your “bank” (or any other financial / health institution) be skeptical. Government agencies will never call you. They will send a letter for contact.

Hang up and call them back with their published phone number on their web site. Banks will never ask for stuff like your pin over the phone.

Caller ID is a feature. You can display your callback number to anything you want it to be, if you Google it, and that’s all they’re doing. If it is your bank’s number, then calling them back will go to the bank. They can only control what they present themselves to you as, they can’t hijack the whole entire phone network and reroute your calls.

The feature exists so businesses with call centers can display a uniform callback signature of their callback line rather than all the individual phone numbers of all the phones in the call center.

If you don’t like caller ID, there are phone services you can subscribe to and redirect your calls through the service, which will strip the caller ID information and display the real number. This means, though, that some legitimate services will now appear confusingly as one out of a whole block of numbers, rather than their identifying phone number.

When in doubt – don’t answer the phone. If you do, always ask for a name and a case number. Lookup the customer service number for that business yourself, DON’T rely on the callback number. Call them yourself and verify the name and case number before carrying on.

Displayed called ID is sent from the caller to the receiver. This information is not secure, and it can say anything you want it to say. The equipment that turns your called number into where the call goes is done completely differently, securely.

For the second question, the number you dial is routed by your phone provider, who you trust to send it to the intended number at your bank, not the scammer. The scammer has no power to route that phone call as he doesn’t control the phone routing system, only the caller ID info he sends on his phone call to you.

However if he tells you “call me back at this number” then you’re not calling your bank but his scam number. Your phone company has no idea that your intent to call the bank, only intent to call the number.

If you watch YouTube, I recommend the channel Jim Browning. He hacks scammers and shows exactly what they do and how.