Table of contents
- What is a DocuSign scam
- Signs of DocuSign phishing attack
- Types of DocuSign spam
- 1. Fake DocuSign invoice emails
- 2. Real DocuSign emails used for phishing
- 3. Malicious attachments in DocuSign emails
- How to protect yourself from DocuSign scam
- How to report DocuSign scammers
- Conclusion
What is a DocuSign scam
A DocuSign scam commonly involves phishing emails. Appearing to come from DocuSign, these fraudulent emails ask you to click on a link to an unsafe website or download a malicious attachment. The ultimate goal of these scams is to dupe victims into giving up personal and financial information.
But this is just one of many kinds of internet scams. DocuSign phishing scams are part of the larger category of social engineering attacks, which rely on manipulating and deceiving individuals into revealing personal information and infringing on their privacy.
Since DocuSign is a reputable e-signature service, scammers take advantage of victims’ trust in the company. And because users already associate DocuSign with handling personal data, they may let their guard down and allow a scam to slip by them.
Here is the type of information a DocuSign scam may steal:
- Personally identifiable information: Your name, address, phone number, date of birth, etc.
- Financial information: Bank account numbers, credit card information, PayPal credentials, etc.
- Login details: For DocuSign, email accounts, or other online services
- Personal or business documents: Stolen documents can be read by scammers to steal more data
- Your contact lists: This includes personal and business contacts.
DocuSign scams can be part of a spam campaign sent in bulk to a large number of recipients. Or they can be part of a spear phishing campaign tailored for a specific group or individual.
Signs of DocuSign phishing attack
Prevention is vital for minimizing potential damage from a DocuSign phishing attack. Though they can be deceptive, learning how to avoid phishing email scams will greatly reduce your chances of being targeted for an attack. If you spot them, stop further correspondence—and certainly don’t give out any personal or business information.
Here are signs of a DocuSign phishing attack:
- Unexpected/unsolicited emails: Weren’t expecting to sign any documents? A surprise email request for an e-signature on a document is likely a phishing attack. Be cautious and definitely don’t sign anything unless you are sure it’s legitimate.
- Mismatched/unfamiliar sender: Scammers will employ email addresses that look similar to DocuSign in order to trick you. Always double-check a suspicious email. Also, don’t comply with any signature requests from unfamiliar senders.
- Suspicious links/attachments: A classic phishing ploy is to insert dangerous links or potentially malware-ridden attachments. Try hovering your cursor above a link to see a site’s actual URL before clicking. Real DocuSign documents are hosted at docusign.net.
- Strong or strange language: Be suspicious of any email requests that are pushy or urgent, as they may be trying to pressure you into making a hasty decision. Misspellings, grammatical errors, or just plain weird language are further indicators of a potential scam.
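The hover check from the list above, automated as an added example (not part of the original article): it parses the links in an HTML email body and compares each link's real hostname with docusign.net, catching lookalikes where the domain appears only as a subdomain prefix, as URL userinfo, or in the link text. The function names, verdict labels, the https requirement and the sample body are assumptions of this example.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
TRUSTED_DOMAIN = "docusign.net"  # hosting domain named in the article

class LinkCollector(HTMLParser):  # collects (href, visible text) per <a> tag
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def is_trusted_host(url):
    """True for https URLs on docusign.net or a subdomain (https: assumption)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")  # userinfo and port are excluded
    on_domain = host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)
    return parts.scheme == "https" and on_domain

def audit_links(html_body):
    """Return (href, text, verdict) for each link, in document order."""
    collector = LinkCollector()
    collector.feed(html_body)
    results = []
    for href, text in collector.links:
        if is_trusted_host(href):
            verdict = "trusted"
        elif "docusign" in (href + " " + text).lower():
            verdict = "claims-docusign"  # says DocuSign, points elsewhere
        else:
            verdict = "other"
        results.append((href, text, verdict))
    return results

# Constructed sample body; all hosts and paths are illustrative.
SAMPLE = """
<a href="https://na3.docusign.net/Signing/?ti=0000">Review Document</a>
<a href="https://docusign.net.example.com/sign">Review Document</a>
<a href="https://docusign.net@login.example.org/sign">Open</a>
<a href="https://example.org/doc">View in DocuSign</a>
<a href="https://example.org/unsubscribe">Unsubscribe</a>
"""
```

A "trusted" verdict only says where the link points. A document hosted on a real DocuSign account can still contain a dangerous link, so the other signs in this list still apply.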
Types of DocuSign spam
The most common DocuSign spam attacks are:
- Fake DocuSign invoice emails
- Real DocuSign emails used for phishing
- Malicious attachments in DocuSign emails
Let’s take a closer look at each of these scams:
1. Fake DocuSign invoice emails
DocuSign invoice emails attempt to trick you into signing a fake invoice. Here are the characteristics of this scam:
- It does not use your actual name: Instead, it uses a generic greeting, like: “Dear Recipient.”
- The security code is too short: A DocuSign security code is six characters long.
- It does not say “Review Document”: Authentic DocuSign correspondence will include this phrase if a document needs to be signed.
- Poor language: Look out for spelling and grammar mistakes or strange spacing. These are signs of a fake DocuSign email.
2. Real DocuSign emails used for phishing
A more deceptive attack uses real DocuSign accounts to send phishing emails. Scammers upload a file to an authentic DocuSign account and send it to the target email. The recipient will receive an original DocuSign email with a legitimate security code—but with a malicious file that could have a virus.
Though getting an infected attachment past DocuSign’s security is hard, attackers can easily get you to click a link within a DocuSign-hosted document that sends you to a dangerous website.
3. Malicious attachments in DocuSign emails
In these scams, fake DocuSign email accounts send fake invoices with malicious attachments to a target. Once the target opens the attachment, they are directed to a fake Microsoft login screen where they are prompted to sign in. Scammers use this ploy to harvest the target’s login details.
How to protect yourself from DocuSign scam
Avoiding a DocuSign scam altogether is better than recovering from the fallout of one. Here are some ways to protect yourself from a DocuSign scam:
- Be skeptical: Never trust any unknown or unverified correspondence—especially if they ask you to sign a document or follow a link.
- Verify senders: Match a sender’s phone number and email with legitimate DocuSign contact information.
- Don’t click links: Unless you're certain of their legitimacy, do not click links from unverified sources.
- Don’t share personal info: The end goal of these scams is to get your personal or business info. So don’t share anything you might regret.
Sometimes, scams are so slick they can slip right past you. A dedicated cybersecurity app, like Clario AntiSpy, can help you stop scams in their tracks. Amongst its arsenal of tools, AntiSpy features a browser extension that alerts you when you are about to go on a fraudulent website. Additionally, Clario AntiSpy will notify you when it detects tracking software, adware, or malware on websites you visit.
Here’s how to use Clario AntiSpy’s browser extension:
- Download Clario AntiSpy and get a subscription to create an account
- Click Safe browsing on the left-side menu
How to report DocuSign scammers
Sometimes, DocuSign scams are unavoidable. If you've fallen victim to a scammer, you’ll need to report the incident to mitigate damages and prevent others from being targeted. Here’s how:
- Report the scam to DocuSign: Contact them at spam@docusign.net
- Report the scam to other authorities: Considering these scams may deal with highly sensitive material, you can contact local authorities, or even the Federal Trade Commission. Reporting a scam is one of the most direct and safe ways to get revenge on a scammer.
Conclusion
Prevention is key for dealing with DocuSign fraud. Luckily, if you are vigilant, you can easily avoid these scams—for the most part. But for true online security and protection, use an antispy tool, like Clario AntiSpy, to help you suss out scams.
Along with the Safe browsing feature, our dedicated cybersecurity tool contains a spyware scan to give you an in-depth overview of potential spy tools on your device and a data breach monitor that alerts you when your accounts are vulnerable to spies or if your data has been leaked online. Stay vigilant to all kinds of cyber threats using Clario AntiSpy.