DocuSign – a Recent Phishing Scam
DocuSign, a reputable firm known for being the industry-leader in online documentation distribution and signing, was recently a victim of a phishing attack. During the week of May 8 and again the week of May 15, DocuSign detected an increase in phishing emails sent to some of its customers and users. The emails “spoofed” the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when clicked, installs malicious software. The emails may come from firstname.lastname@example.org or something similar and Subject Lines may reference a completed wire transfer or complete accounting invoice. The company was able to determine a third party had gained temporary access to their non-core system which allowed them access to email addresses for customers with DocuSign accounts. The good news is no names, physical addresses, passwords, social security numbers, credit card data or other information was accessed. The bad news is for those who received the spoofed emails, clicked on the link to open the Word document and allowed the macro to run. Their computers are now infected, limiting access to their information or they may even be asked to pay money to unlock access to their computer files.
This case once again highlights the importance of being wary of opening emails and especially clicking hyperlinks from within emails that you aren’t familiar with or weren’t expecting. Be sure to educate your family and employees about the possible consequences of clicking on the wrong link and encourage them to thoroughly review the email account it comes from, type the url for a link into a browser if possible vs. clicking on a link within an email and not opening attachments from sources they weren’t expecting to receive.