I don't think better security software will solve this problem. I think we just need to focus on teaching users to be suspicious.

It is good to be a pessimist. That way, all your surprises will be pleasant ones.

I got an e-mail, allegedly from a friend of mine who does a lot of travelling professionally (a musician). I knew she was in Chicago for a few weeks (staying away from Queens where she lives) for the duration of Sandy storm. So when I got this e-mail that said she wanted me to wire her $950 by Western Union, presumably to England where her passport, money, etc., were stolen, I was a lottle bit suspicious. I sent her an e-mail to her other e-mail address (she has several), to check, she said to send no money. She was not in England at all, but back home. She then put it on her Facebook warning her other friends to send no money.

I do not even know if Western Union does business outside the US. But I do not much care. I think I would have been more likely to wire her the money c/o the U.S. consulate in England, where they could be sure it was really her.