So far, there's been no major incidents, as the ad-blocker filters out most of the crap on-line, and the lack of administrative privileges prevent the less knowable users from doing something dangerous.
And then just train them to forward any email that they can't identify as scam themselves right away to you.
it was kind of hilarious to "hum-hum" my way through his instructions on how to install TeamViewer on Windows. obviously it failed at some point as I wasn't able to keep the pretense...
there are entire call centers dedicated to those scams, it's kind of scary.