I once had an issue with Microsoft at work and had to get MS support to help me. They literally called me on the landline and asked for remote control of my computer. It was totally legit.
Still I felt uncomfortable and asked for a Teams session with screensharing instead (and not remote access), but this 'was not possible'.
So, how are people to distinguish between 'fake' calls and real ones if companies still use such shitty techniques?
OK, looks like "microsoftsupport.com" is taken, but GoDaddy is happy to offer me alternatives like microsoftsupport.app, microsoftsupport.site, microsoftsupport.tv, or microsoftsupport.uk that should work equally well for scam purposes. Or microsoftpcsupport.com is available, if a ".com" is particularly desirable.
Doesn't Microsoft use a thousand different domains, most of which look sketchy?
What if you receive an email from microsofts-support@live.com? Could you immediately tell that it is not legitimate compared to, e.g. contact@microsoftsupport.com?
Still I felt uncomfortable and asked for a Teams session with screensharing instead (and not remote access), but this 'was not possible'.
So, how are people to distinguish between 'fake' calls and real ones if companies still use such shitty techniques?