Recently, DocuSign admitted they were the victim of a data breach that has led to massive phishing attacks which used ex-filtrated DocuSign information. Ouch!!
DocuSign discovered the data breach when on May 9th, 15th, and 17th DocuSign customers were being targeted with phishing campaigns. They now are advising customers to filter, or delete, any emails with specific subject lines like these:
- Completed: [domain name] – “Wire transfer for [Recipient Name] Document Ready for Signature”
- Completed: [domain name / email address] – “Accounting Invoice [Number] Document Ready for Signature”
- Subject: “Legal acknowledgement for [Recipient Username] Document is Ready for Signature”
The campaigns all have Microsoft Word documents as attachments, and use social engineering to trick users into activating Microsoft Word’s macro feature which will download and install malware on the users’ workstation. DocuSign warned that it is highly likely there will be more campaigns in the future. Here is an example of what these emails look like. Notice how genuine looking they are.
I recommend forwarding this to all fellow employees and friends whom you know use DocuSign. As always, if ever there is any doubt about something you receive via email, either delete it and or call the sender and confirm.
The weakest link to your network security is also the greatest asset to your company. Choose wisely!