Sadly this wasn’t a catch. The nice client allowed remote access to his system to the scammers. He balked when asked for $400 tech fees but there wasn’t anyway to tell if his data had been copied - this included password lists (another lecture) and social security numbers off tax returns that were digitised. Thus the scramble to change account numbers, passwords and freeze credit reports. Never call anyone when prompted by computer, never trust a contact link sent by email - use Google to find contact numbers and remember, NO ONE will send you a link asking you to directly login to an account.