DocuSign Users at Risk
Attackers are sending fraudulent DocuSign emails
with links to an authentic-looking (but fake) DocuSign login page designed to steal your credentials. Once attackers have your username and password, they can do real harm to you or your organization.
They might try to:
Reuse your password to access other accounts Collect sensitive data about you Use your accounts to trick others into giving up sensitive information
They might try to:
Reuse your password to access other accounts Collect sensitive data about you Use your accounts to trick others into giving up sensitive information
What Do I look for
Examine the Sender
Why would your company’s HR department use a different email domain (@refated.com)? Look for small details that seem off.
Look at Links
When you hover over a link, is the URL what you expect? This link takes you to blackberndental.ca. Is that really a page your HR team would use?
Consider Content with Context
Are you currently enrolling in benefits? Does your company typically use DocuSign? If the request seems odd, use caution.
Be careful of closings
Doesn’t this closing look like a real DocuSign email? Scammers often include official-looking text to trick you into thinking the email is legitimate.
How do I protect myself?
- Do not click any links
- Carefully examine the email
- Looks legitimate: Call or send an instant message to your IT team, security team, or even your boss to verify the email.
- Looks Suspicious: Report it to the appropriate people in your company.