That's not a terrible approach for some things. If I get a call from my bank telling me to login to my-bank.us or something to deal with a pressing issue, it may well be a phishing attempt, and it's generally a safer approach to google my bank and get to the login page that way instead of using the domain a caller tells you to.