How about we make phone calls a whitelist-driven system with cryptographic tokens and use software to give your phone number to others. When this exchange happens, it comes with a token, and your phone does not ring if the token is not included.

So when someone calls you and you expect it to be bob, but it is steve the scammer, you can revoke bob's token and text him with WTF bob? How much did steve pay you?

I already do this with email. Anything send to @mydomain.com gets to my catch-all, and the token is whatever is to the left of the @ sign.

I've caught so many companies either breached or selling data that it is not funny.