Scam of the Week: Massive DocuSign Phishing Attacks

DocuSign has admitted they were the victim of a data breach that has led to massive phishing attacks which used exfiltrated DocuSign information. Ouch. So here is your Scam Of The Week.

They discovered the data breach when on May 9, 15, and 17 DocuSign customers were being targeted with phishing campaigns. They now are advising customers to filter or delete any emails with subject lines like:

  • Completed: [domain name] – “Wire transfer for recipient-name Document Ready for Signature”
  • Completed [domain name/email address] – “Accounting Invoice [Number] Document Ready for Signature”
  • Subject: “Legal acknowledgement for [recipient username] Document is Ready for Signature”

The campaigns all have Word docs as attachments, and use social engineering to trick users into activating Word’s macro feature which will download and install malware on the user’s workstation.  DocuSign warned that highly likely there will be more campaigns in the future.  Here is an example, these emails look very real:

DocuSign_Example_Phishing_Email.png

I suggest you send the following to your employees, friends, and family. You’re welcome to copy, paste, and/or edit:

“Hackers have stolen the customer email database of DocuSign, the company that allows companies to electronically sign documents. These criminals are now sending phishing emails that look exactly like the real DocuSign ones, but they try to trick you into opening an attached Word file and click to enable editing.

But if you do that, malware may be installed on your workstation. So if you get emails that look like they come from DocuSign and have an attachment, be very careful. If there is any doubt, pick up the phone and verify before you electronically sign any DocuSign email. Remember: Think Before You Click.”

 

[contentblock id=72 img=gcb.png]

 

 Hello! 

CEO, Author of the #1 Risk to Small Businesses

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}
>
A note to our visitors

This website has updated its privacy policy in compliance with changes to European Union data protection law, for all members globally. We’ve also updated our Privacy Policy to give you more information about your rights and responsibilities with respect to your privacy and personal information. Please read this to review the updates about which cookies we use and what information we collect on our site. By continuing to use this site, you are agreeing to our updated privacy policy.