10
May
2017

DocuSign Phishing Scheme

Today we are seeing a phishing scheme in which there is a fake message from “DocuSign,” asking you to review a document. This message is a phishing scheme designed to capture your credentials and/or deliver malware. The actual sending address is from “@docusgn.com” instead of “@docusign.com”. If you hover over the “review document” link (which you should always do!), you’ll see that you’ll be visiting a website in Russia.

We have posted an example of this message along with an example of an actual DocuSign notice on the campus InfoSec website.

http://www.csusm.edu/security/securitybulletins/bulletins/5_10_17.html

In some cases, Microsoft “quarantined” this message but the user, thinking it was an error, opened the message. Please use extreme caution when accessing quarantined messages.

Feel free to contact abuse@csusm.edu if you think a quarantined message may be a) quarantined in error and b) important.

Also, contact us right away if you received the phishing message and clicked the link.

Share this release
Share on: Twitter
Share on: Facebook
Share on: LinkedIn
Latest news
Most Popular