Look Out for DocuSign Phishing Scams
Cyber attacks threaten businesses daily, often costing thousands to millions of dollars in damages. A cyber attack is a deliberate assault on a computer system or network that uses malicious code to make unwanted modifications or steal data. A growing list of cyber attacks can impact any size organization.
One form of cyber attack is phishing, a type of social engineering scam that attempts to obtain sensitive information using email fraudulently. A phishing attack starts with an email that appears to be coming from someone you typically do business with. Although it seems legitimate, you need to be highly vigilant. If the message format differs or includes red flags like poor grammar, syntax errors, broken links, etc., this could indicate a phishing email. It may be written with a sense of urgency or include a warning that your “account will be closed,” or your “access will be limited.”
A type of phishing attack that gained notice during COVID-19 shutdowns and continues today involves sending fraudulent emails requiring signatures to electronic documents (DocuSign) to trick the receiver into sharing personal and business financial information.
What is a DocuSign Phishing Attack?
A DocuSign phishing attack is the latest malicious tactic to coerce people into entering their account credentials on a fake login page. Such actions can have very dangerous consequences, including infecting their computer system with various malware.
The DocuSign phishing scam allows hackers to easily steal company or personal information. As part of the scam, hackers prepare a fake DocuSign login page that requests credentials (email address and password) that, if entered, allow the cybercriminal controllers to attempt to use the information for other attack vectors.
DocuSign Phishing Attack Warning Signs
If you receive an unexpected DocuSign email and think that it could be a phishing scam, look for the following signs:
You haven’t requested any documents: Be wary if you receive an email stating that you have documents to sign via DocuSign. If you haven’t requested any documents, it’s likely a phishing attack.
You don’t recognize the sender: If the email comes from a name you don’t recognize, delete it. You shouldn’t be receiving signature requests from strangers. If individuals or businesses legitimately want you to sign a document, they should contact you beforehand, letting you know that a signature request is on the way.
Be wary of links: You should never click on a link in a random email. Always check the URLs of those links before clicking. You’ll often find that they aren’t links to DocuSign but to other companies. That’s a sure sign of a scam.
Watch for misspellings: Scammers often send their phishing attacks from email addresses that are similar but not exactly the same as those used by legitimate companies. For instance, instead of coming from an email address ending in @docusign.com, scam emails might come from ones ending with @docusgn.com or @docus.com.
See below for an example of a DocuSign email.
Employee Cybersecurity Education
Cyber risk is not just a technology risk but an operational risk. Therefore, it is vitally important to have employee cybersecurity education and training. Businesses should consider offering ongoing training to ensure all employees are consistently updated about potential risks and how to recognize and avoid them. Employees should be aware of common cyber dangers such as phishing attacks, malware, and ransomware, how they are likely to be delivered, and simple practices and behaviors that can reduce the likelihood that they will present a serious problem for your network systems.
Dan Zeiler
dan@zeiler.com
877-597-5900 x134