New Phishing Scam – Fake DocuSign Sites

Fake DocuSign sites show a new phishing scam is happening with fake emails and sites.

There is a strong demand for digital document management and electronic signature validated transactions. By offering technologies focused on these needs, DocuSign emerged and gained a significant market used worldwide.

However, this well-known e-signature service witnessed a portion of its database intercepted, allowing multiple clients to be attacked by phishing scams sending fake DocuSign requests.

Here’s what you need to know about these fake DocuSign sites!


DocuSign Site Scams

DocuSign’s customers are mostly businesses. Although the service made it easier to send documents back and forth for approval, signing, or review, criminals have also used it to infiltrate corporate networks by sending fake DocuSign requests to office workers from fake DocuSign email addresses.

The methods have been relatively simple: they sent out fake requests to a victim to review a document. So now you’re wondering, is DocuSign legit?

The spoofed DocuSign email address is a near to perfect replica of the DocuSign correspondence that it’s hard to question its authenticity. It has a link at the bottom, which takes users to a preview of a DocuSign document overview upon clicking, similar to a valid DocuSign overview landing page.

However, the document is represented half and requires the victim to click to view the complete document. When the user clicks it, they are asked to enter their credentials, which the criminals use to infiltrate other systems.

It’s an old trick, but because the messages were well-targeted, targeting DocuSign customers, it is harder for recipients to catch the trap.

How to Protect Yourself from Fake DocuSign Sites

Phishing scams through such fake sites can have serious consequences for businesses. However, you can avoid them by:

  • Always verifying the authenticity of the email address by reaching out to the sender before clicking any links
  • Enabling enhanced two-factor authentication (2FA) for adding another layer of security
  • Being careful and training staff to avoid unrequested links and attachments that could be part of phishing scams

DocuSign scams are on the rise across the world. Use these tips to smoke them out and protect yourself! Need more information?