I think there is relatively cheap way to reduce such scams: make it mandatory for banks etc to perform “training” of the clients. Regularly make a call to clients asking for sensitive data. Then block account if client provides this data.