Microsoft help results in a scam...??

The t.co site is merely a link service that belongs to Twitter to shorten links in tweets so users don't go beyond their character limit by posting long links. Therefore the link hxxp://t.co/JZwitAcuUF actually resolves to hxxp://helps.ms/vyVWdb and not the other way around.

See this article from Twitter about it:

https://support.twitter.com/entries/109623-about-twitter-s-link-service-http-t-co

Links are automatically shortened to 22 characters even if the original link is actually shorter.

https://support.twitter.com/articles/78124-how-to-shorten-links-urls

However, link shortening services are risky because users don't always know where the link may take them and are often used by hackers and such which is why they get bad safety ratings.

 

Actually no, it's the other way around. What is actually offered for you to click on and what you actually see, in this case is "helps.ms/vyVWdb". While it's a link to click on, it's not the actual link, which would be " hxxp://helps.ms/vyVWdb". It's only a name chosen as what is displayed and could have been anything like "MS Chat" for example. This is what we do with our malware logs all the time like when we say the following for instance:

Please go here to download HijackThis.

All you see if the word here in red and underlined but when you hover over it you see the full link which is "http://www.bleepingcomputer.com/download/hijackthis/". OK, I'm sure you knew that and it sounds like what you're saying but if I were using a link shortening service, you would may not see bleepingcomputer.com anywhere. One of those types of services is bit.ly. If you look at this link in an article posted here years back, you will see all the link displays as is hxxp://bit.ly/eXdMkI and if you hover over it it shows "bit.ly/eXdMkI" however if you click on it then it takes you to a site called "themarker.com" so essentially you are taken to an unknown destination. This is why they are seen as very risky and to be followed with caution.

http://forums.techguy.org/7842829-post4091.html

In the case of Twitter though, I see that they display both links when you hover as I see the real link right next to what is displayed and the link shortening service, which is not really a site, at the bottom of my browser. The link shortening service redirects you to the real link.

 

Any links on twitter including other short links will automatically be converted to the t.co /xxxx links
They are not links to malware sites and you always need to read securi reports carefully & see what blacklists they are on
Phishtank has a high false positive rate and several of us have been trying to get something done for ages about that. The idea behind phishtank is that individuals vote on whether a site is a phishing site or not. Unfortunately there are several bots that vote and they frequently give incorrect votes, normally legit sites get voted as bad, based on an automatic algorithm.
Part of the problem in this case is that securi take a domain and don't look at individual links. They assume ( wrongly) that if one link or page on the site is a phishing site or has malware then the whole site is flagged as a phishing or malware site. You cannot do that with short url sites or ISP sites which get frequently wrongly flagged by securi