A deceptive campaign is using a fake Zoom meeting website to covertly install Teramind, a commercial monitoring tool, on unsuspecting users' Windows machines. The operation begins with a convincing imitation of a Zoom video call, complete with scripted participants and artificial technical issues. An automatic 'Update Available' prompt then initiates the download of a malicious installer without user consent. The installed software is a covert build of Teramind, designed to run invisibly and avoid detection by security tools. This campaign is particularly dangerous due to its use of legitimate commercial software, which may evade traditional antivirus detection. The attackers exploit users' trust in Zoom and Microsoft to execute their plan, highlighting the importance of verifying meeting links and being cautious with unexpected software updates.