Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Scam Of The Week: Massive DocuSign Phishing Attacks

    DocuSign has admitted they were the victim of a data breach of customer email addresses only that has led to massive phishing attacks which used the exfiltrated DocuSign information. Ouch. So here is your Scam Of The Week. 

    They discovered the data breach when on May 9, 15, and 17 DocuSign customers were being targeted with phishing campaigns. They now are advising customers to filter or delete any emails with subject lines like:

    • Completed: [domain name] – "Wire transfer for recipient-name Document Ready for Signature"
    • Completed [domain name/email address] – "Accounting Invoice [Number] Document Ready for Signature"
    • Subject: “Legal acknowledgement for [recipient username] Document is Ready for Signature”

    The campaigns all have Word docs as attachments, and use social engineering to trick users into activating Word's macro feature which will download and install malware on the user's workstation.  DocuSign warned that highly likely there will be more campaigns in the future.  Here is an example, these emails look very real:

    DocuSign_Example_Phishing_Email.png

    I suggest you send the following to your employees, friends, and family. You're welcome to copy, paste, and/or edit:

    "Hackers have stolen the customer email database of DocuSign, the company that allows companies to electronically sign documents. These criminals are now sending phishing emails that look exactly like the real DocuSign ones, but they try to trick you into opening an attached Word file and click to enable editing.

     

    But if you do that, malware may be installed on your workstation. So if you get emails that look like they come from DocuSign and have an attachment, be very careful. If there is any doubt, pick up the phone and verify before you electronically sign any DocuSign email. Remember: Think Before You Click." 

    If you are a KnowBe4 customer, inoculate your users against this right away. In your console, go to Phishing Email Templates > System Templates and type DocuSign in the search box. You will see a ready-made, 4-star rated template.
    You can get a campaign out to all users in less than 2 minutes.

    Let's stay safe out there.

    Warm regards,

    Stu Sjouwerman

    Founder and CEO, KnowBe4, Inc.

     NewStu.png

    PS: If you are not a KnowBe4 customer yet, send a (free) Phishing Security Test to your users, and find out what the Phish-prone percentage of your employees is.  Often a very effective way to get IT security budget for new-school security awareness training.

    Get Your Free Phishing Security Test

    Don't like to click on buttons with redirects? Cut and paste this link in your browser:

    https://info.knowbe4.com/phishing-security-test-16

    Related Pages: Phishing

     

     

    Return To KnowBe4 Security Blog

    Topics: Phishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews