A deceptive email containing a fake Zoom meeting invitation has been identified. Clicking the 'join' button leads to a website prompting users to install a purported Zoom client update. The downloaded executable, 'Session.ClientSetup.exe', is actually malware that installs an MSI package. This package deploys ScreenConnect, a remote access tool, allowing attackers to gain unauthorized access to the victim's computer. The malware establishes persistence by installing itself as a service and connects to a command and control server at tqtw21aa.anondns.net on port 8041. Users are advised to exercise caution when receiving unexpected Zoom invitations or update prompts.