A threat actor attempted a spoofing attack by emailing a fake Zoom meeting invitation to employees. These types of links often trigger malware downloads or pull up fake login pages designed to harvest credentials.

Darktrace stopped this Zoom scam by identifying the fake Zoom meeting as a suspicious link, despite appearing to be from a known sender using a trustworthy service.