Yeah, no.  You waaay underestimate how powerful modern devices are.  And, they have GPUs, too, you know. The difficulty will adjust.  The goal isn’t to wholly block the attempts - that’s impossible on an open server. It’s to impose costs and make the ROI not worth it. 

The PoW need not just be a hash - there are a ton of techniques: url relay races, guided tours, factoring… each impose their own limitations. Just good old internet latency can reduce time-to-post with the guided tours. 

And then, PoW necessarily requires that it be dynamic. The whole point is to monitor both connections to the relay AND server resources. If an attack may be occurring, the difficulty (or difficulties if doing a combo of techniques) goes up. 

If what you say is true, then PoW is effectively obsolete in all use-cases outside of consensus. Clearly, that’s not true - as evident by numerous papers and their math showing otherwise. 

And besides, the real goal isn’t to block it, but to no longer be the low-hanging fruit.

If everyone had to pay some sats to post, the spammers number of posts WILL be reduced. If the spammer can be temporarily identified, the difficulty just for them can require a higher cost to post. If they can’t be identified, everyone’s costs go up. Rinse, repeat until the spammer finds a better target/platform/protocol. 

I will submit that PoW is not a panacea and shouldn’t be used on its own, but it’s too powerful of a tool to dismiss with such obtuse statements.  “Millions” of times before a single phone can run a PoW? Really??? Have you even tried it? I have. Implemented in a large media application with 100s of millions of users that you might even use yourself.