Trust is an essential component to what we do. We respect that our customers count on us for mission-critical tasks, and security is key to the solution. While DocuSign has a robust set of controls to ensure the highest levels of security, we urge our customers and even non-customers to take action to help ensure the internet is safe for all. This includes challenges such as spam, malware and viruses, which can wreak havoc on businesses.
What is malware?
Malware is short for “malicious software,” such as computer viruses, computer worms, Trojan horses, most rootkits, spyware, dishonest adware and other malicious or unwanted software. It is computer code and programs that can do anything from mildly annoy you, to stop your productivity, to harm your computer or steal information that can be used to access highly sensitive accounts, either business or personal.
How can you identify it?
To identify malware, it’s always smart and necessary to have antivirus and antispyware software installed on your computer. A wide range of software types are available, including many free downloads. These can help protect your computer from being infected and also detect when malware has been installed. Anti-virus software is constantly updated by vendors as new variants emerge, so it’s important in detecting malicious code to always keep your anti-virus software for malicious code detection updated.
Why does it exist?
There are two common reasons why malware is created: fun and profit. Some people are just out to cause a little mayhem. However, your information has value – and to us at DocuSign, spam, malware and viruses are anything but fun. The more dangerous version comes from those who are looking for information they can use or sell: passwords to access your financial information, your identity, or access to business data, such as credit card numbers—just about any sensitive data is sensitive because of its value. The creators of malware seek quick, easy—and illegal—gains.
How they get your email?
One of the most common ways to get infected by malware or a virus is from someone with whom you’ve already had email contact. If someone you know has become infected by inadvertently opening an attachment or clicking a malicious link, the malware will immediately try to infect other computers. It does this by automatically sending emails with the same malware attachment to all email addresses found on the recently-infected computer.
What we do about it when we see it?
At DocuSign, we take malware extremely seriously. Whenever we encounter malware, we immediately register the problem with antivirus companies, who then add it to their lists of scans. The sooner this happens the more quickly the damage of the virus can be minimized. In addition, because creation of malware is illegal, we contact the FBI to report the incident and partner with their cyber security team to track down the perpetrator. When we trace the incident, we contact the people who manage the offending servers and have them shut down immediately.
What should you do if you think you’ve received an infected email?
- DO NOT OPEN any files or executable attachments
- Immediately DELETE the malicious email
- Ensure your anti-virus software is enabled and up to date
For additional steps contact your anti-virus software company of choice or your company’s IT department.
While malware and viruses can be complicated and tricky, I hope this quick overview helps you understand the problem, identify malware early and kill/report it. In fact, help us clean up the Internet by turning in spammers as soon as you come across them. Here are links to submit malware to McAfee and Microsoft.