It's fairly straightforward using apps like SpoofCard -- watch a few YT tutorials, install the app, buy some credits, and spoof away. But there would be a trail for investigators to follow, from App Store and in-purchase to app logs.
He
could have done it, but they would know he had done it, and it would be part of the evidence here, IMO. And I'm not sure why he would have bothered going to all that trouble only to apparently abandon that plan and let SM's phone play dead thereafter with so much mileage in the scam, as it were. The "hottub stuff" message sounds to me like something SM might well have texted, as opposed to "chemicals and cleaners X and Y."
Although this is "mechanical thingy" Barry we're talking about, so who knows? He strikes me as a guy who lacks the nous, interest and patience to work out a technical problem in a field he knows nothing about.
It's surprisingly easy for a hacker to call anyone from your personal phone number