I can understand why this is still going on, because I myself receive calls almost weekly from "Windows Support" or some such. I simply hang up without saying anything, and they don't call back. With an enormous numbers of unsolicited offers from the scammers to "fix" some problem with "your computer," a small percentage of the gullible should result in significant returns on "investment."
But it still amazes me that people still fall for this scam and let somebody they don't even know access their computer(s) remotely with administrative privileges. Among my customer base, the first was hit three years ago with this nonsense (not using a Citrix product, by the way), and there have been a few others over the years since. Thankfully, I have not seen signs of significant damage or exploitation. These people could well have installed the now-well-known encryption technology that effectively removes all access to files in secondary storage and leaves the "customer" with no recourse except to restore the entire system from a full backup image. Sadly, despite my constant harping on the importance of backup, very few people actually perform backups--ever!
Over the past couple of years there have been frequent warnings of this type of exploit in the trade press and in mainstream media. Apparently it's impossible to educate and caution a significant portion of the user base, especially with Microsoft Windows.