Nobody has mentioned VoIP yet. If you think about corporate VoIP networks, it's pretty clear why spoofing works. There's no secure out-of-band signaling available when everything is made of standard IP packets passing through normal networking equipment. This stuff got plugged into the public switched telephone network without adding authentication first.