We have a (legit) servicedesk that sometimes calls our users to help them or someone at their location. The problem is the users also get a lot of scamcalls and sometimes a worker (perhaps a new employee) falls for it and gives their teamviewer-id to the scammer.
What would be a solution besides removing teamviewer-id from the client? Considering some way for the legit support to verify themselves, but I want to avoid complicating their process too much. Awareness is an obvious solution, but some of the targets have a high turnover rate in employees, so there are often new employees handling the calls.
Any obvious ideas I have overlooked?