There are several clues that a DocuSign email is a scam. Be wary if you receive an email stating that you have documents to sign. If you haven’t requested any documents, it’s likely a phishing attack. If the email comes from a name you don't recognize, delete it. If individuals or businesses legitimately want you to sign a document, they should contact you beforehand, letting you know that a signature request is on the way. You shouldn't be receiving signature requests from strangers. You should never click on a link in a random email. You'll often find that they aren't links to DocuSign but to other companies. Scammers often send their phishing attacks from emails that are close to but not exactly the same as those used by legitimate companies.

Phishing scammers love well known brand names, because people trust them, and their email designs are easy to rip off. And the brands phishers like most are the ones you're expecting to hear from, or wouldn't be surprised to hear from, like Amazon or DHL. Now you can add DocuSign to that list.

DocuSign is a service that allows people to sign documents in the Cloud. Signing documents electronically saves a lot of paper and time. It also cuts back on human contact, which is particularly useful for remote working, or when everyone is locked down in a pandemic. Google searches for DocuSign almost doubled during March 2020, and stayed there, as so many people around the world started working from home.

Earlier this year, DocuSign specifically warned about phishing campaigns using its brand.

DocuSign phishing emails have many of the tell-tale signs of other phishing attacks: Fake links, fake senders, misspellings, and the like. Recipients can check links by hovering their mouse pointer over the document link in the email. If it is an actual DocuSign document it will be hosted at. In the spam campaigns we have seen, documents were hosted at, , and some documents came as attachments, which DocuSign does not do.

Also, the sender address should belong to, but that alone is not enough: We have seen spoofed messages coming from that address, so check for other indicators. You can read an exhaustive list of things to look out for, as well as addresses to report suspicious activity on DocuSign's incident reporting page (although we recommend you simply opt for the safe document access option, described below).

Remember, if you're in doubt, it is not stupid or rude to contact a sender by direct mail or another method, and verify the email’s authenticity (just don't hit "reply"). We've included some examples of DocuSign phishing campaigns below.

A fake Microsoft login screen triggered by a fake DocuSign invoice

Rather than trying to identify whether or not an email is bad, it's often safer (and no less convenient) to assume it's bad and ignore its links completely. We recommend that you use the “Alternate Signing Method” mentioned in legitimate DocuSign mails. If you get a DocuSign email, visit, click 'Access Documents', and enter the security code provided in the email. It will have a format similar to this one: EA66FBAC95CF4117A479D27AFB9A85F01. (Don’t bother, it’s invalid.) If a scammer sends you a fake code it simply won't work. There is no need to trust the sender, or the links in their email.

However, to complicate matters, phishers have now been discovered sending legitimate DocuSign emails from legitimate DocuSign accounts. Security vendor Avanan recently spotted a new DocuSign campaign that bypasses most of the advice provided above, by using real DocuSign accounts. In this new attack, scammers upload a file to a real DocuSign account (either a free one or one stolen from somebody else) and share it with the target's email address.

As a result, the recipient will receive a legitimate DocuSign mail with an existing and functional security code that leads to the malicious file. Sharing malicious documents is hard to do because DocuSign does have protection against weaponized attachments: Uploaded document files are converted into static .pdf files, which removes malicious content like embedded macros. It remains to be seen if attackers will find ways around DocuSign's protections.