I can't disagree with any of the precautions you encourage.
That being said, Microsoft's customer support numbers are very easy to obtain via their "Contact Us" buttons/links under the product support website for the specific product in question (support.office.com in this case). They're also generally printed on the install media (if you have it) or the license key covers.
I counsel my clients that they should never, and I emphasize never, believe anyone who calls them, unbidden, and wants remote access to their machine. I further emphasize that no legitimate company would ever do this. I then follow-up with this is not the same thing, at all, as a technical support representative calling you back on an issue you've reported, and for which you've been given a case/incident number, and where they identify themselves as being from the company you've previously called and can give you the incident number without your ever giving it to them.
I try to teach complete neophytes how to critically evaluate information that they find on the internet and that when it comes to technical support phone numbers if they're not from the website of the maker of whatever it is you're concerned about then they're not a number you call - ever.
I get all that, and I totally agree. It's possible you're working with slightly above-average computer users, or I'm working with below-average (although in my experience, they tend to be the majority). For instance, "I counsel my clients that they should never, and I emphasize never, believe anyone who calls them, unbidden, and wants remote access to their machine." Yup, me too. And they sit there and say "But they opened up (Event Viewer) and showed me all the errors that my computer had and claimed that my machine was sending out viruses and that they were from Microsoft..." And I tell them "They are scamming you. Everything they said was a lie to get you to give them money." And they say "But they said I had such and such problem with my computer..." And oftentimes, these are the same people who have already fallen for the scam one or more times, and we've already had this conversation, and they still want to talk about what the scammer told them.
Also, a huge problem that my customers have is locating phone numbers. Most of them get to every single web page they go to via Google. For instance, I watched someone go to AOL. They opened up their browser (which defaulted to Google) and typed in "www.aol.com." If I tell my customer to enter something into the address bar, in order to get to a specific web site, I have to ask them what exactly is on the page that they're now looking at, because even after describing precisely where the bar is, they still end up typing into the Google search. They have no hope of finding a legitimate Microsoft phone number. And yet when they run into a problem, instead of calling me, they call some random 800 number and let people onto their computer.
I apologize for the off-topic discussion, I just wanted to better explain what I said and why. I appreciate the discussion. It's very important to try to create educated users, which is why I hate it when Microsoft tries to hide important things like file extensions from their users by default, because all it does is foster ignorance. My customers tend to skew towards the older generation and their mentality is often "I'm too old to figure out how to use a computer" which is maddening to me, because what they are telling me is that I'm wasting my time explaining things to them because they're not even attempting to listen.