Normally this iFrame would not be visible

I've left the iFrame visible as a demonstration.

To truly obscure which site is launching you into the call, an attacker site may even do so lazily after you've been on the site for a while.