DocuSign Users Targets of Phishing Campaign - Be Vigilant

Discussion in '[H]ard|OCP Front Page News' started by Kyle_Bennett, May 17, 2017.

  1. Kyle_Bennett

    Kyle_Bennett El Chingón Staff Member

    May 18, 1997
    If you have ever used DocuSign, a way of digitally signing a document legally, it is likely that you are being phished, or will be soon. The company verified that its data had been breached this week.
    As part of our commitment to updating everyone as we identify new information during our investigation, we can now confirm that only people with a DocuSign account were impacted by this incident – those who signed a document without a DocuSign account were not among the list of email addresses that were accessed maliciously. That said, even though an employee or customer of yours would not be on the list unless they had an account with DocuSign, we would still encourage you to utilize the existing materials on the DocuSign Trust Center to help them avoid being the victims of phishing.

    DocuSign is pointing out that "just" the email addresses have been stolen; that means that the rest of your personal data is not exposed. But here is the issue. Folks are getting phishing emails that look like real DocuSign emails and clicking the links as they are used to doing, which is resulting in some nastiness being released on your PC.
    The emails "spoofed" the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when clicked, installs malicious software.
    In order to combat this, and you have to be a DocuSign customer, you need to log directly into the DocuSign site to make sure the notices you are getting are genuine. I personally am never clicking anything ever again. I hope DuckDuckGo comes up with some more interesting landing pages.
  2. Chuklr

    Chuklr Gawd

    Nov 1, 2009
    :D Thanks for making me laugh! Go click free or wear a condom when you're online to be safe! :D
  3. nutzo

    nutzo [H]ardness Supreme

    Feb 15, 2004
    I've seen a lot of these over the past couple weeks. Coming from domains that look similar to

    My solution has been to ban the entire domain, just like anyone who sends me spam, their entire domain gets banned (unless it's something like, then I just ban the email).
  4. Advil

    Advil [H]ard|Gawd

    Jul 16, 2004
    The stupid. It burns. Nice going DocuSign. Talk about a trove of email addresses that are almost all real primary accounts for people. Argh.