According to FBI reports, the attack begins with a phone call that appears to originate from Google through spoofed caller ID. The caller claims to represent Google and warns the target about potential unauthorized overseas access attempts on their account. The initial contact is followed by a fraudulent email, purportedly from Google, containing a code that victims are urged to use to secure their account. However, entering this code actually grants attackers access to the victim’s Gmail account.