Looks like Alex called this one.

The phone system is very old and doesn't maintain a two-way data connection across a larger network. Instead, when you receive a call from somewhere, the phone receives tones which it interprets as commands or numbers, and the connection is handled by the phone company. There is no way for the phone to authoritatively question the other phone or dial the phone number that is being spoofed to verify it's really connected to that number.

This is different to how the internet works. Generally, the internet uses handshakes as part of the TCP protocol that most internet things use. Essentially, on the internet a packet is sent with a number attached (IP address) and your computer won't start doing anything with the data it's receiving until it is able to send a packet back to that number and receive back a valid reply to the question it asked. This builds trust between the two systems so that neither side can spoof their number and receive replies meant for the number they've spoofed. Keep in mind I'm not talking about man-in-the-middle attacks here, only address spoofing.

With phones, though, there is no two-way data path across a larger network, so there is no handshake. Connections are stateless between the two callers and instead the middlemen (your phone service providers) are the ones keeping the connection alive.

This allows an attacker to send tones to your phone that basically say: I just called you, I hung up, now here is another call and this is their phone number. They do this without triggering the disconnection between your service provider and your telephone. There are ways to do this with different tones or by manipulating features your phone has, such as call waiting.

The whole system is very antiquated and needs to be replaced. Anyone can generate tones to manipulate the phone system and service providers don't do enough.

I know this is technical and not really what this sub is about, but I thought I'd provide an answer as to why this occurs.

tl;dr: the phone system is old. To maintain compatibility with millions of landline devices, the security has remained poor while attackers have made numerous tools to fuck with the phone system.

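The contrast drawn in the comment above, as an added example that is not part of the original post: a simplified model in which a server only accepts a peer that echoes a secret sent to the address it claimed, next to a caller ID display that shows whatever number is asserted. All class and function names, addresses and the phone number are constructed for illustration.

```python
import secrets

class Network:
    """Constructed model: replies are routed to the real owner of an address."""
    def __init__(self):
        self.inbox = {}
    def deliver(self, dst, msg):
        self.inbox.setdefault(dst, []).append(msg)

class Server:
    """Accepts a peer only after it echoes a secret sent to its claimed address."""
    def __init__(self, net):
        self.net, self.pending, self.established = net, {}, set()
    def on_syn(self, claimed_src):
        # ISN drawn from [0, 2**32 - 2] so the expected ack is never 0. This keeps
        # the demo deterministic; a real blind guess succeeds with about 2**-32.
        isn = secrets.randbelow(2**32 - 1)
        self.pending[claimed_src] = isn
        self.net.deliver(claimed_src, ("SYN-ACK", isn))  # goes to the claimed address
    def on_ack(self, claimed_src, ack):
        isn = self.pending.pop(claimed_src, None)
        if isn is not None and ack == isn + 1:
            self.established.add(claimed_src)
            return True
        return False

def connect(net, server, real_addr, claimed_addr, blind_guess=0):
    """Open a connection claiming `claimed_addr` while only receiving at `real_addr`."""
    server.on_syn(claimed_addr)
    replies = net.inbox.get(real_addr, [])
    if replies:
        ack = replies[-1][1] + 1  # saw the SYN-ACK, so the challenge can be answered
    else:
        ack = blind_guess         # the SYN-ACK was delivered to someone else
    return server.on_ack(claimed_addr, ack)

def caller_id_display(claimed_number):
    """Phone model from the comment: the number is shown as asserted, unverified."""
    return claimed_number

def demo():
    net = Network()
    server = Server(net)
    honest = connect(net, server, "198.51.100.7", "198.51.100.7")
    spoofed = connect(net, server, "203.0.113.9", "192.0.2.10")
    return honest, spoofed, caller_id_display("+1-555-0100")

if __name__ == "__main__":
    print(demo())
```

The spoofed attempt fails because the challenge lands in the inbox of the address that was claimed, which is the return-path check the comment says the phone network lacks.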