Stay Informed: Protecting Against Docusign Imitation

What You Need To Know:

Phishing attacks that imitate Docusign are on the rise. These fake emails look like real document signing requests and trick people into clicking harmful links or sharing personal information. The increase in these attacks is due to more people using Docusign, its trusted reputation, and more advanced tricks by cybercriminals. This bulletin explains how to identify and report these security issues to ensure a safer digital environment.

How Can I Report Security Concerns Or Specific Issues?

  • Fake (Spoofed) Docusign Themed Email: If you receive a suspicious email appearing to be from Docusign, forward the entire email as an attachment to [email protected] and delete it immediately.
  • A Domain or URL Impersonating Docusign: If you identify a website imitating Docusign, copy and paste the URL into an email and send it to [email protected] for investigation.
  • A Suspicious Docusign Envelope: Remain vigilant if you receive a Docusign envelope from an unknown sender. Verify its authenticity by checking the unique security code in the email. Report suspicious envelopes through Docusign’s Report Abuse feature or by emailing [email protected].
  • Unsure if the Activity is Coming from Docusign: If you are uncertain whether the suspicious activity is related to Docusign, send an email describing the concern to [email protected].

Guidelines For Identifying Imitation Emails And Websites:

  • Avoid Clicking on Suspicious Links: Always access your documents directly from Docusign using the unique security code found at the bottom of the Docusign notification email.
  • Check URLs Carefully: Hover over any links in the email without clicking to see where they lead. Ensure the URL is hosted on docusign.com or docusign.net. An imitation link might direct you to a malicious site that tries to collect your personal data, install spyware, or download a virus.
  • Verify the Sender: If you don’t recognize the sender or weren’t expecting a Docusign envelope, contact the sender through communication channels outside of email to verify its authenticity. Imitation emails may include a forged email address in the “From” field, which can easily be altered.
  • Be Wary of Attachments: Docusign emails requesting your signature never contain attachments. Completed documents may be sent as PDF attachments after all parties have signed. Always verify that the attachment is a valid PDF file. Docusign never sends zip files, HTML files, or executables as attachments.
  • Check the Salutation: Many imitation emails begin with a generic greeting like “Dear Docusign Customer.” If the email does not address you by name, be suspicious and avoid clicking on any links or attachments. Also, be cautious of highly personalized emails from unknown senders.
  • Beware of Urgent Requests: Imitation emails often create a false sense of urgency, claiming your account is in jeopardy or unauthorized transactions have occurred. These emails will urge you to update your account information immediately. Always verify such claims independently.
  • Avoid Entering Personal Information: Some imitation emails are designed to look like legitimate websites to trick you into entering personal information. Docusign never asks for personal information, such as login credentials, via email.
  • Inspect the Address Bar: Even if the address looks legitimate, check your browser’s URL bar for signs of a phishing site. A phishing site’s URL may slightly deviate from the legitimate one, like using “docusing.com” instead of “docusign.com.” Pay attention to browser warnings about untrusted sites or certificates.
  • Look for Errors: Imitation emails often contain bad grammar and misspellings. These mistakes may be intentional to avoid spam filters. If an email is poorly written, be extra cautious.
  • Check for HTTPS: The address of any website that requests personal information should begin with “https” (the “s” stands for secure). If you don’t see “https,” you’re not in a secure web session and should avoid entering any personal data. A legitimate Docusign sign-in page always starts with “https://.”
  • Avoid Pop-ups: Docusign never uses pop-up boxes in emails. Pop-ups are not secure and should not be trusted.
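
For mail administrators who want to automate the "Check URLs Carefully", "Inspect the Address Bar" and "Check for HTTPS" guidelines above, the following is an added example, not code from Docusign or from this bulletin's author. The function names, the edit-distance threshold of 2 and the sample URLs are assumptions made for illustration; only docusign.com, docusign.net and "docusing.com" come from the bulletin.

```python
from urllib.parse import urlsplit

# Domains the bulletin names as legitimate hosts for Docusign links.
TRUSTED = ("docusign.com", "docusign.net")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss spellings of a domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_link(url: str) -> str:
    """Return 'trusted', 'insecure', 'lookalike' or 'untrusted' for one link."""
    parts = urlsplit(url.strip())
    # Use the parsed hostname, not the raw string, so only the real host counts.
    host = (parts.hostname or "").lower().rstrip(".")
    if any(host == d or host.endswith("." + d) for d in TRUSTED):
        # Right domain, but the bulletin also requires https.
        return "trusted" if parts.scheme == "https" else "insecure"
    # Near-miss spelling of a trusted domain in the last two labels
    # (assumed threshold: at most 2 single-character edits).
    tail = ".".join(host.split(".")[-2:])
    if any(0 < edit_distance(tail, d) <= 2 for d in TRUSTED):
        return "lookalike"
    # Brand name appearing in a host that is not under a trusted domain.
    if "docusign" in host:
        return "lookalike"
    return "untrusted"

# Constructed sample links (not taken from any real message).
SAMPLES = [
    "https://www.docusign.net/Signing/?ti=PLACEHOLDER",
    "http://docusign.com/login",
    "https://docusing.com/sign",
    "https://docusign.example.org/review",
    "https://example.org/invoice",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link):10} {link}")
```

A "trusted" result only means the link points at a Docusign-hosted domain over https; the sender and envelope still need the checks described in the other guidelines.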

Conclusion:

By staying informed and vigilant, you can help protect yourself and your organization from Docusign-related security threats. Report any suspicious activities promptly through the appropriate channels to ensure swift action and maintain a secure digital environment.

For those who would like more detailed information regarding this bulletin, please visit the following links:

This bulletin is intended to keep you informed about the latest cyber threats, cybersecurity news, and how to protect yourself. If you have any questions or need further assistance, please contact our support team.

 

Solinkit