Scam Of The Week: Massive DocuSign Phishing Attacks
DocuSign has admitted they were the victim of a data breach that has led to massive phishing attacks on May 9, 15, and 17 which used exfiltrated DocuSign information.
Hackers have stolen the customer email database of DocuSign, the company that allows companies to electronically sign documents. These criminals are now sending phishing emails that look exactly like the real DocuSign ones, but they try to trick you into opening an attached Word file and click to enable editing.
But if you do that, malware may be installed on your workstation. So if you get emails that look like they come from DocuSign and have an attachment, be very careful. If there is any doubt, pick up the phone and verify before you electronically sign any DocuSign email. Remember: Think Before You Click.