Scam of the Week: Massive DocuSign Phishing Attacks


DocuSign has admitted they were the victim of a data breach that has led to massive phishing attacks which used exfiltrated DocuSign information. Ouch. So here is your Scam of the Week.

They discovered the data breach when on May 9, 15, and 17 DocuSign, customers were being targeted with phishing campaigns. They now are advising customers to filter or delete any emails with specific subject lines. We do not repeat them here, because this newsletter might be filtered out, but you can see them at the blog, together with screenshots:
https://blog.knowbe4.com/scam-of-the-week-docusign-phishing-attacks

The campaigns all have Word docs as attachments, and use social engineering to trick users into activating Word’s macro feature which will download and install malware on the user’s workstation. DocuSign warned that it is highly likely there will be more campaigns in the future. ​

So if you get emails that look like they come from DocuSign and have an attachment, be very careful. If there is any doubt, pick up the phone and verify before you electronically sign any DocuSign email. Remember: Think Before You Click.”

Advertisements

About Kevin

Mayor - City of Oakley, Data Center Manager of Mainframe Operations and Optimization – USS-POSCO INDUSTRIES, Co-Founder and Board Member - Friends of Oakley A Community Foundation, Advisory Board – Opportunity Junction, Commissioner - Contra Costa Transportation Authority, Board Member - Tri Delta Transit and Transplan
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s