New DocuSign Phishing Scams: What You Need to Know
A new and sophisticated cybersecurity threat has emerged, targeting businesses and individuals through seemingly legitimate DocuSign emails. This blog post aims to raise awareness about this scam and provide essential tips to protect yourself and your organization.
Understanding the Threat
Cybercriminals are exploiting DocuSign’s APIs to send fake invoices that appear genuine. Unlike traditional phishing attempts, these scams use actual DocuSign accounts and templates, making them particularly hard to detect. By using legitimate DocuSign accounts, scammers bypass many standard security filters, increasing the risk of recipients interacting with these fraudulent requests.
Why It’s So Dangerous
Several factors make this scam especially concerning:
- Authenticity: These emails often evade security filters, as they come from real DocuSign accounts.
- Brand Imitation: Mimicking trusted brands makes these scams hard to distinguish from legitimate requests.
- Rapid Growth: This scam has surged in recent months, allowing attackers to target multiple organizations at once.
How the Scam Works
- Creating Accounts: Attackers register genuine DocuSign accounts, increasing the likelihood of bypassing security.
- Sending Realistic Invoices: They use templates with accurate pricing and fees, making invoices look credible.
- Requesting Unauthorized Payments: Once an invoice is “signed,” attackers may request direct payment, often adding urgency to pressure the recipient into paying quickly.
Protecting Yourself
To defend against these scams, consider the following:
- Verify Credentials: Always check the sender’s details, especially if anything appears suspicious.
- Use Multi-step Authorization: Require multi-step approval for financial transactions, especially unusual ones.
- Double-Check Unexpected Invoices: Confirm payment requests by contacting the sender through a verified channel.
Important Reminder: Legitimate organizations will never ask you to authorize payments or provide sensitive information based solely on an email or DocuSign request. When in doubt, verify through official channels.
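Because these messages pass sender authentication, a mail-gateway check has to look past SPF/DKIM results and at who is asking for what. The following Python is an added example, not code from CDML or DocuSign: the sample message, the addresses, the allowlist and the keyword lists are all constructed, and it assumes the requester's address is carried in the Reply-To header and that Authentication-Results is written by your own receiving mail server.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every header value and address is made up.
SAMPLE = """\
From: "Billing Dept via DocuSign" <dse@docusign.net>
Reply-To: "Billing Dept" <billing@vendor-example.test>
To: ap@corp.example
Subject: Complete with DocuSign: Invoice 4471 - payment due today
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=docusign.net; dkim=pass header.d=docusign.net; dmarc=pass header.from=docusign.net

Please review and sign the attached invoice. Payment is required within 24 hours.
"""

# Assumption: counterparties that accounts payable really receives envelopes from.
KNOWN_COUNTERPARTIES = {"contracts@partner.example"}
# Only trust this header when your own MTA adds it and strips inbound copies.
DKIM_OK = re.compile(r"dkim=pass\b[^;]*\bheader\.d=docusign\.net(?![\w.-])", re.I)
PAYMENT_TERMS = re.compile(r"\b(invoice|payment|wire|renewal|past due|overdue)\b", re.I)
URGENCY_TERMS = re.compile(r"\b(today|immediately|urgent|within \d+ hours?|final notice)\b", re.I)

def triage(raw, known=KNOWN_COUNTERPARTIES):
    """Flag authenticated DocuSign mail that asks an unknown party to be paid."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # A DKIM pass proves the mail came through DocuSign, not that the request is genuine.
    via_docusign = (from_domain == "docusign.net"
                    and bool(DKIM_OK.search(msg.get("Authentication-Results", ""))))
    requester = parseaddr(msg.get("Reply-To", ""))[1].lower()
    text = msg.get("Subject", "") + "\n" + msg.get_payload()
    reasons = []
    if via_docusign:  # unauthenticated mail is left to the normal spam filtering
        if requester not in known:
            reasons.append("unknown-requester")
        if PAYMENT_TERMS.search(text):
            reasons.append("payment-request")
        if URGENCY_TERMS.search(text):
            reasons.append("urgency")
    # Hold for a call-back on a verified channel before anyone signs or pays.
    hold = "unknown-requester" in reasons and "payment-request" in reasons
    return {"via_docusign": via_docusign, "reasons": reasons, "hold_for_callback": hold}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A held message is routed to the multi-step approval and call-back process described above rather than being deleted, since a genuine new vendor would trip the same rule.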
How CDML Can Help
At CDML, we offer security solutions that can help mitigate risks from scams like these. Advanced spam blockers, employee cybersecurity training, and geo-IP blocking add essential protection to reduce threats before they reach your inbox. Trained employees are better equipped to recognize suspicious emails, while spam blockers and geo-blocking add extra security layers.
Stay Vigilant
Cybercriminals are always adapting their tactics, and this DocuSign scam is a reminder of how authentic these threats can look. If you suspect a fraudulent DocuSign email, contact our team immediately.