Hypothetically on a fully controlled system you could prevent attacks like the sort of “hello this is Microsoft, we’ve identified a virus on your device, please download teamviewer and login to your bank account so we can clear it for you” type spam calls.
Or, hasn’t there been malware that periodically takes screenshots of the device? Or maybe that’s a Hollywood plot, I forget actually.
> hasn’t there been malware that periodically takes screenshots of the device?
Yeah, it's called Recall and its baked into Windows as a "feature."
It's unfortunate because it's actually incredibly useful functionality. If only they hadn't packaged and marketed it in quite the way they did. If there was ever a feature that needed to be guaranteed local only, zero third party integration, zero first party analytics, encryption tied to a TPM that was it.
Keep in mind that a truly clueless user will most likely be running in a stock configuration. So long as that doesn't permit apps to tamper with one another (as is currently the case) there should be no issue. Google could even provide a toggle to officially root the phone and so long as flipping it wiped the device the problem would remain 99.9% solved because a scammer would be unable to pull the job off in one go.
By the time you reach the point that the user is doggedly following harmful step by step instructions over the course of multiple callbacks there is nothing short of a padded cell that can protect him from himself.
Unless you mean to suggest somehow screening such calls? A local LLM? Literal wiretapping via realtime upload to the cloud? If facing such a route society would likely be better off institutionalizing anyone victimized in such a manner.