In today’s digital age, cyber threats are becoming increasingly sophisticated. One of the latest scams making the rounds involves fraudulent emails that appear to be from DocuSign, a widely used electronic signature service. These phishing emails are designed to trick recipients into providing personal information or signing documents that could compromise their security.
What is Phishing?
Phishing is a type of cyber attack where attackers disguise themselves as a trustworthy entity to steal sensitive information such as usernames, passwords, and credit card details. These attacks often come in the form of emails, messages, or websites that look legitimate but are actually malicious.
The DocuSign Phishing Scam
In this particular scam, cybercriminals send emails that seem to be from DocuSign, prompting recipients to sign a document. The email may look convincing, complete with logos and branding that mimic the real DocuSign emails. However, clicking on the link can lead to a fake website designed to steal your information.
How to Protect Yourself
Here are some tips to help you stay safe:
- Verify the Sender: Always check the sender’s email address. Legitimate DocuSign emails will come from an official DocuSign domain.
- Be Cautious with Unexpected Emails: If you receive a DocuSign email that you weren’t expecting, do not open it. Instead, contact the supposed sender directly to verify its authenticity.
- Look for Red Flags: Be wary of emails with urgent language, spelling errors, or unfamiliar links.
- Use Security Software: Ensure your computer and devices have up-to-date security software to help detect and block phishing attempts.
In the example photo above, you will notice a few red flags outlined in the red borders.
You may notice misspelled words, or awkward phrasing. One of the biggest red flags will be the fact that the sender’s email address does not match the domain of the company or service.
In this case, it should be ‘docusign.com’ or ‘docusign.net’ – in our example, it’s ‘far.media’, which does not belong to DocuSign. They even failed to spell ‘DocuSign’ correctly as well.
Lastly, your email security may show warnings of an external email message. Which doesn’t always mean it’s malicious, but acts as a reminder that the email arrived from outside of your organization.
Stay Informed
Your security is our top priority. For more detailed information and tips on how to stay safe from phishing scams, check out our latest blog posts here. We also offer a wide array of affordable email security options, as well as systems to train your entire staff on how to spot and avoid dangerous phishing emails that may come your way. And of course, if you just want to ask us a question or make sure an email is legit – feel free to contact us about it!