Back when I had a Pixel 2 Google would look up the numbers that would call and if the number was associated with a business in their database then they’d show the business name with the caller ID (because cellphones in the US for some reason don’t show the names that would appear if calling a landline). My wife owned a successful bakery at the time and one day I got a call that showed up as being from one of her competitors. Curious, I answered the call, but it was just another scammer. This was fairly early in the days of scammers, so I called the number back and connected to the bakery, so I told them they should call their phone company.

I’m pretty sure the scammers just make up numbers, not caring if they’re active or not. There’s a fundamental flaw with the design of the phone system that they don’t require authentication. It’s absurd to me that this has been widely abused for close to a decade now and they haven’t changed the system to prevent this. It seems like it should be fairly straightforward to have a system that authenticates that a call comes from someone authorized to use a number.