We all know how convenient, and lately, necessary, electronic documents have become, however bad actors have also taken notice, using this service to their advantage. One click on the wrong document has the power to have a significant negative impact on your company’s environment.

What is a DocuSign Phishing Attack?

DocuSign is a popular electronic signing service provider, allowing users to quickly use eSignatures to sign and send documents mobily.

Scammers are able to create perfect replicas of original DocuSign emails from your LP, client, vendor, or Portfolio Company.

To an untrained eye, a fake DocuSign email can look legit, but once clicked on, can automatically download malware onto your computer, or phish your password.

Docusign Phishing E-mail
Here is an actual example of a fake DocuSign document used in a recent phishing attack

How to Protect Yourself and Your Company

If you receive a Docusign (or Adobe Sign, Zix, Hello Sign, or any other “click here to get your secret message or document”) these are the golden rules to follow, to avoid being phished:

  1. Never click on a link in the email
  2. Always copy the document ID and in a browser go to the direct website (e.g. Docusign.com) and click on “Access Document” and paste in the Document ID

Following these easy steps will give you the peace of mind that you are signing an original document, rather than a malicious one. We at Hybridge can also help you ensure that a document has not been tampered with. Give us a call or send us an email with any questions. We can be reached at 888-353-1763 or at support (at) hybridge.com.


Share this blog: