Malicious email campaign uses DocuSign branding and mailing list to lure recipients

  • Last week, DocuSign warned users to be wary of unexpected emails with a certain subject line.
  • This week, the company shares more details, including the fact that the third party responsible for the email was able to access DocuSign customer email addresses (but nothing else, the company says).

Future-Proof: Navigate Threats, Seize Opportunities at ICNY 2018 | Jan 22-26 at the Marriott Marquis, Times Square, New York

Did you get a DocuSign agreement sent to you lately that didn't quite look right -- and that had a Word document attached for download? If you downloaded that document, then you could have installed malicious software onto your device. A week ago, the company posted a note in its Trust Center about the campaign. It warned users to be wary of unexpected emails with the subject line "Completed: - Wire Transfer Instructions for recipient-name Document Ready for Signature” and including a Word document for download. The invitation to download the document was "designed to trick the recipient into running what’s known as macro-enabled-malware," said DocuSign in the post. What's the 'malicious campaign'? A valid DocuSign email will invite the recipient to view and sign a PDF through the company's secure platform rather than attach a document download -- but this campaign is targeting actual DocuSign customers, and many of them might not hesitate to download a doc...