This content is viewable by Everyone

May 2024: NDA Lures Lead to Installation of Malicious Software

NDA Phish Indicators

Example of an NDA lure used in attacks.

Threat Alert: Meta/NDA Lures

  • A Recent phishing campaign is distributing phishing lures purporting to contain a non-disclosure agreement (NDA).
  • The NDA is distributed in a password- protected zipped archive attachment. A password for the attachment is contained within the body of the email.
  • The phishing emails purport to come from a finance center associated with real estate.
  • Interacting with the attachment ultimately leads to the installation of malware on the victim’s device.

Key Action: Report Suspicious Emails 

  • Be cautious of unexpected application downloads. Treat any unexpected application downloads as potentially malicious.
  • Be wary of emails sending password-protected documents that also contain the password. Passwords provided in the body of the email should be a cause of suspicion.
  • Report ANY suspicious emails using the Phish Alarm button.