{"id":2926,"date":"2025-05-28T07:18:38","date_gmt":"2025-05-28T07:18:38","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=2926"},"modified":"2025-05-28T07:18:39","modified_gmt":"2025-05-28T07:18:39","slug":"dont-give-your-private-information-to-fraudsters-dodging-docusign-rip-off-emails","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=2926","title":{"rendered":"Don\u2019t give your private information to fraudsters: Dodging Docusign rip-off emails"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p class=\"sub-title\">Cybercriminals impersonate the trusted e-signature model and ship faux Docusign notifications to trick individuals into giving freely their private or company information<\/p>\n<div class=\"article-authors d-flex flex-wrap\">\n<div class=\"article-author d-flex\"><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/en\/our-experts\/phil-muncaster\/\" title=\"Phil Muncaster\"><picture><source srcset=\"https:\/\/web-assets.esetstatic.com\/tn\/-x45\/wls\/2021\/04\/Phil_Muncaster.jpg\" media=\"(max-width: 768px)\"\/><img decoding=\"async\" class=\"author-image me-3\" src=\"https:\/\/web-assets.esetstatic.com\/tn\/-x45\/wls\/2021\/04\/Phil_Muncaster.jpg\" alt=\"Phil Muncaster\"\/><\/picture><\/a><\/div>\n<\/div>\n<p class=\"article-info mb-5\">\n        <span>27 Could 2025<\/span><br \/>\n        <span class=\"d-none d-lg-inline\">\u00a0\u2022\u00a0<\/span><br \/>\n        <span class=\"d-inline d-lg-none\">, <\/span><br \/>\n        <span>5 min. learn<\/span>\n    <\/p>\n<div class=\"hero-image-container\">\n        <picture><source srcset=\"https:\/\/web-assets.esetstatic.com\/tn\/-x266\/wls\/2025\/05-25\/docusign-phishing-scams.jpeg\" media=\"(max-width: 768px)\"\/><source srcset=\"https:\/\/web-assets.esetstatic.com\/tn\/-x425\/wls\/2025\/05-25\/docusign-phishing-scams.jpeg\" media=\"(max-width: 1120px)\"\/><img decoding=\"async\" class=\"hero-image\" src=\"https:\/\/web-assets.esetstatic.com\/tn\/-x700\/wls\/2025\/05-25\/docusign-phishing-scams.jpeg\" alt=\"Word to the wise: Beware of fake Docusign emails\"\/><\/picture>    <\/div>\n<\/div>\n<div>\n<p>Bear in mind once you used to must print, signal, scan, e-mail and\/and even fax each time you wished to signal and ship an official doc? Right this moment, a lot of the arduous work is completed behind the scenes by cloud app suppliers like Docusign.<\/p>\n<p>However like all tech manufacturers, as soon as it has reached a crucial mass of customers, cybercriminals will search for methods to abuse it for their very own ends. Docusign claims to have 1.6 million prospects around the globe, together with 95% of the Fortune 500, and over one billion customers. That has put it firmly within the crosshairs of menace actors. Learn on to grasp the right way to maintain your workers protected from Docusign-themed phishing.<\/p>\n<h2>How does Docusign phishing work?<\/h2>\n<p>Social engineering is among the largest threats to what you are promoting. In line with <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.verizon.com\/business\/resources\/T23a\/reports\/2025-dbir-data-breach-investigations-report.pdf\" target=\"_blank\" rel=\"noopener\">Verizon<\/a>, phishing is now an preliminary entry vector for 19% of information breaches, whereas a whopping 60% characteristic a \u201chuman component.\u201d As a trusted and well known model, Docusign is a pure alternative for menace actors seeking to harvest company logins and probably monetize assaults in different methods.<\/p>\n<p>Victims will usually obtain an e-mail with a spoofed <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/support.docusign.com\/s\/articles\/000045001?language=en_US&amp;rsc_301\" target=\"_blank\" rel=\"noopener\">Docusign \u201cenvelope\u201d<\/a> requesting that they click on on a big yellow field to \u201coverview doc.\u201d There may additionally be an attachment that includes a QR code. Each actions may result in the identical end result: the sufferer is taken to a phishing web site comparable to a <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.reddit.com\/r\/Scams\/comments\/1h5y6yo\/i_fell_for_the_docusign_scam_now_what\/\" target=\"_blank\" rel=\"noopener\">faux Microsoft login web page,<\/a> and requested to enter private and\/or monetary data.<\/p>\n<p><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/2022\/02\/04\/think-before-scan-how-fraudsters-exploit-qr-codes\/\">QR codes<\/a> are additionally widespread as they require the person to scan with their cell machine, which can not have safety software program put in to stop them from being taken to a malicious web page. Both approach, a focused phishing assault like this might additionally allow menace actors to realize an important foothold in company networks, in addition to for privilege escalation, lateral motion and information exfiltration\/ransomware.<\/p>\n<h3>Some examples<\/h3>\n<p>Over the previous few months, incidents have emerged of:<\/p>\n<ul>\n<li>\u201cReputable\u201d Docusign <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.infosecurity-magazine.com\/news\/cybercriminals-exploit-docusign\/\" target=\"_blank\" rel=\"noopener\">envelopes that spoof invoices<\/a> from suppliers, in a bid to trick corporations into transferring cash.<\/li>\n<li><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.infosecurity-magazine.com\/news\/docusign-phishing-targets-us-state\/\" target=\"_blank\" rel=\"noopener\">Pretend bill scams<\/a> impersonating US state and municipal companies and designed to trick suppliers into wiring cash.<\/li>\n<li>Cybercriminals are usually not spoofing faux Docusign emails, however as an alternative registering actual accounts with the corporate, and <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/lab.wallarm.com\/attackers-abuse-docusign-api-to-send-authentic-looking-invoices-at-scale\/\" target=\"_blank\" rel=\"noopener\">utilizing its APIs<\/a> to ship out authentic envelopes spoofing widespread manufacturers.<\/li>\n<li>Common phishing emails spoofing the Docusign model and taking the person to phishing login pages. These may mimic company HR and payroll departments, and even exterior entities like municipal authorities.<\/li>\n<li><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.reddit.com\/r\/Scams\/comments\/1cnl6qv\/docusign_email_actually_looks_legit_butwhats_the\/\" target=\"_blank\" rel=\"noopener\">Refund scams<\/a> which cite a faux transaction and attempt to drive the sufferer into calling a quantity in the event that they need to cancel it. As soon as on the telephone, they\u2019ll be persuaded handy over their private\/monetary\/card particulars to assert the \u2018refund\u2019.<\/li>\n<\/ul>\n<div class=\"gallery-wrap-images\">\n<figure class=\"image\"><a rel=\"nofollow\" target=\"_blank\" target=\"_blank\" title=\"paypal-docusign-scam-1\" href=\"https:\/\/web-assets.esetstatic.com\/wls\/2025\/05-25\/paypal-docusign-scam-1.png\"><img decoding=\"async\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2025\/05-25\/paypal-docusign-scam-1.png\" alt=\"paypal-docusign-scam-1\"\/><\/a><\/figure>\n<figure class=\"image\"><a rel=\"nofollow\" target=\"_blank\" target=\"_blank\" title=\"paypal-docusign-scam-2\" href=\"https:\/\/web-assets.esetstatic.com\/wls\/2025\/05-25\/paypal-docusign-scam-2.png\"><img decoding=\"async\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2025\/05-25\/paypal-docusign-scam-2.png\" alt=\"paypal-docusign-scam-2\"\/><\/a><\/figure>\n<\/div>\n<h2 style=\"text-align: center;\"><em style=\"font-size: medium; font-weight: 400;\">Instance of a rip-off abusing individuals\u2019s belief in Docusign for information theft (Supply:\u00a0<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.reddit.com\/r\/Scams\/comments\/1g4kgbk\/paypaldocusign_scam\/\" target=\"_blank\" rel=\"noopener\">Reddit<\/a>)<\/em><\/h2>\n<h2>Staying protected<\/h2>\n<p>Thankfully, there\u2019s a lot you are able to do to maintain your self and your organization protected from Docusign threats. From an organization\u2019s perspective, the primary plan of action is to concentrate on the dangers and replace your <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/2022\/06\/21\/phishing-awareness-training-help-employees-avoid-hook\/\" target=\"_blank\" rel=\"noopener\">phishing consciousness applications<\/a> to make sure workers are in a position to spot the warning <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/2023\/02\/15\/10-signs-scammers-sights\/\" target=\"_blank\" rel=\"noopener\">indicators of a rip-off e-mail<\/a>. Simulation instruments <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/en\/business-security\/making-it-stick-get-most-cybersecurity-training\/\" target=\"_blank\" rel=\"noopener\">needs to be customizable sufficient<\/a> to assist this.<\/p>\n<p>Issues employees needs to be taught to look out for embody:<\/p>\n<ul>\n<li>Vacation spot URLs: hover over any hyperlinks\/buttons in Docusign emails to verify the vacation spot URLs are authentic.<\/li>\n<li>Safety codes: these ought to characteristic on any authentic Docusign e-mail (within the \u201calternate sign up methodology\u201d part) and permit the person to entry a doc straight on the Docusign web site moderately than observe hyperlinks in an e-mail.<\/li>\n<li>Attachments: there needs to be no attachments in an preliminary Docusign e-mail. Solely as soon as a doc has been signed will you obtain a completed model of it by way of attachment.<\/li>\n<li>Spelling, grammatical and tonal errors: are one other tell-tale signal of a phishing e-mail.<\/li>\n<li>An e-mail signature and sender title\/e-mail tackle that don\u2019t match.<\/li>\n<\/ul>\n<p>Layer up defenses on high of the safety consciousness piece by together with issues like:<\/p>\n<ul>\n<li>Multi-factor authentication (MFA) for all company accounts, which is able to make it more durable for hackers to entry your information, even when they do handle to steal your logins.<\/li>\n<li>Password hygiene, together with use of robust, distinctive passwords for every account, saved in a <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/2023\/04\/11\/10-things-look-buying-password-manager\/\" target=\"_blank\" rel=\"noopener\">password supervisor<\/a>.<\/li>\n<li>A multi-layered safety device from a good vendor like <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.eset.com\/us\/business\/solutions\/mail-security\/\" target=\"_blank\" rel=\"noopener\">ESET<\/a>, which, amongst different issues, detects malicious attachments, prevents customers from following hyperlinks to phishing websites, and allows directors to manually outline e-mail filtering situations and actions.<\/li>\n<li>Up to date coverage to induce customers to not open attachments or observe hyperlinks in any unsolicited emails, and solely entry Docusign docs by way of the safety code.<\/li>\n<li>Altering inside enterprise processes concerning fund transfers, in order that any giant sums are topic to additional scrutiny.<\/li>\n<li>Encouraging customers to report all suspicious Docusign-themed emails to your IT\/safety crew and to <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/en\/scams\/personal-data-fraudsters-docusign-scam-emails\/mailto:spam@docusign.com\">spam@docusign.com<\/a>.<\/li>\n<\/ul>\n<h2>What to do should you fall sufferer<\/h2>\n<p>If the worst occurs and an worker <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/en\/scams\/getting-off-hook-10-steps-take-clicking-phishing-link\/\">does click on by way of<\/a> on a Docusign rip-off, you as an admin might want to work by way of a particular set of actions, together with:<\/p>\n<ul>\n<li>Reset passwords for the impacted person, together with any accounts that they could have reused credentials throughout<\/li>\n<li>Run a malware scan on the sufferer\u2019s machine to detect and take away any malicious code<\/li>\n<li>Isolate the machine from the community to comprise the \u201cblast radius\u201d of an assault<\/li>\n<li>Monitor the darkish net for <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/en\/cybercrime\/dont-become-statistic-defending-data-dark-web\/\">indicators of knowledge theft\/leakage<\/a><\/li>\n<li>Monitor the sufferer\u2019s accounts for uncommon exercise<\/li>\n<li>Dig deeper with forensics to grasp what the attacker wished and whether or not they managed to realize elevated inside entry<\/li>\n<li>Use the occasion as a studying second for workers: encouraging them to report suspicious emails quickly and to be on their guard generally about unsolicited emails<\/li>\n<\/ul>\n<p>In fact, Docusign isn\u2019t simply utilized by companies. You may need been uncovered to it in a private capability when shopping for a home or finishing tax paperwork. In that case, most of the ideas above will nonetheless stand you in good stead. Digital signing apps are a terrific time-saver. However be sure you don\u2019t get caught out by scammers exploiting your belief in these apps.<\/p>\n<p><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.eset.com\/us\/about\/newsroom\/awards\/eset-triumphs-as-av-comparatives-2024-product-of-the-year\/\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\"\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2025\/05-25\/eset-av-comparatives-award.png\" alt=\"eset-av-comparatives-award\" width=\"\" height=\"\"\/><\/a><\/p>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals impersonate the trusted e-signature model and ship faux Docusign notifications to trick individuals into giving freely their private or company information 27 Could 2025 \u00a0\u2022\u00a0 , 5 min. learn Bear in mind once you used to must print, signal, scan, e-mail and\/and even fax each time you wished to signal and ship an official [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":2928,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[157,2824,2823,2476,2825,1864,2822,579,1325],"class_list":["post-2926","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-data","tag-docusign","tag-dodging","tag-dont","tag-emails","tag-fraudsters","tag-give","tag-personal","tag-scam"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/2926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2926"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/2926\/revisions"}],"predecessor-version":[{"id":2927,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/2926\/revisions\/2927"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/2928"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2926"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2926"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<!-- This website is optimized by Airlift. Learn more: https://airlift.net. Template:. Learn more: https://airlift.net. Template: 69d9690a190636c2e0989534. Config Timestamp: 2026-04-10 21:18:02 UTC, Cached Timestamp: 2026-05-13 17:07:29 UTC -->