Docusign changing document info scam8/12/2023 Security vendor Avanan recently spotted a new DocuSign campaig n that bypasses most of the advice provided above, by using real DocuSign accounts. However, to complicate matters, phishers have now been discovered sending legitimate DocuSign emails from legitimate DocuSign accounts. There is no need to trust the sender, or the links in their email. (Don’t bother, it’s invalid.) If a scammer sends you a fake code it simply won't work. ![]() It will have a format similar to this one: EA66FBAC95CF4117A479D27AFB9A85F01. If you get a DocuSign email, visit, click 'Access Documents', and enter the security code provided in the email. We recommend that you use the “Alternate Signing Method” mentioned in legitimate DocuSign mails. Rather than trying to identify whether or not an email is bad, it's often safer (and no less convenient) to assume it's bad and ignore its links completely. We've included some examples of DocuSign phishing campaigns below.Ī fake Microsoft login screen triggered by a fake DocuSign invoice Remember, if you're in doubt, it is not stupid or rude to contact a sender by direct mail or another method, and verify the email’s authenticity (just don't hit "reply"). ![]() You can read an exhaustive list of things to look out for, as well as addresses to report suspicious activity on DocuSign's incident reporting page (although we recommend you simply opt for the safe document access option, described below). In the spam campaigns we have seen, documents were hosted at, , and some documents came as attachments, which DocuSign does not do.Īlso, the sender address should belong to, but that alone is not enough: We have seen spoofed messages coming from that address, so check for other indicators. If it is an actual DocuSign document it will be hosted at. Recipients can check links by hovering their mouse pointer over the document link in the email. Google searches for DocuSign almost doubled during March 2020, and stayed there, as so many people around the world started working from home.Įarlier this year, DocuSign specifically warned about phishing campaigns using its brand.ĭocuSign phishing emails have many of the tell-tale signs of other phishing attacks: Fake links, fake senders, misspellings, and the like. It also cuts back on human contact, which is particularly useful for remote working, or when everyone is locked down in a pandemic. Signing documents electronically saves a lot of paper and time. Now you can add DocuSign to that list.ĭocuSign is a service that allows people to sign documents in the Cloud. ![]() And the brands phishers like most are the ones you're expecting to hear from, or wouldn't be surprised to hear from, like Amazon or DHL. Senders should be familiar with institutional data policies and FERPA/HIPPA policies that may apply to items within documents being sent.Īfter the Author is satisfied that the Sender is sufficiently trained, the Author will send a permission change request to Tech Café through a service request emailed to: The eSignature Administrator will make the necessary changes with the system.Phishing scammers love well known brand names, because people trust them, and their email designs are easy to rip off. Videos and documents are available for Senders to view if Author wants to use these for training. Senders are identified and trained by Authors within the department. How to access Sender permission in DocuSign: Many additional resources are available in DocuSign University and in DocuSign support. ![]() Most of the videos are only a few minutes in length. This role does not allow the user to create templates, but a Sender can access uploads and templates that Authors have created and send these documents to others for review and signature.īefore using DocuSign to send documents to others, it is required that Senders review the following materials. Designated employees in departments will have Sender permission in DocuSign.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |