There are some odd things here. How can someone be a "scam prevention expert" and not be aware that caller id can be spoofed, and therefore should never be trusted for anything important? How can someone be a "scam prevention expert" and not know (even if you only "skim" the email) that you don't read out 2FA authentication codes to someone who calls you and asks you for them? These are surely the two most basic methods used to scam people...