Skip to main content
Blog
Home/Intelligent Agreement Management

A New Way to Stay Safe from Scams and Phishing

Author Docusign Team
Docusign Team
Summary4 min read

New fraud verification capabilities let you validate whether a Docusign email is legitimate or an impersonation.

    • How you can protect yourself from scams and phishing
          • Stay safe online

          Table of contents

          Fraud verification for Docusign

          Digital scams and phishing attempts are more prevalent than ever. Cybercriminals are constantly evolving their tactics, often using convincing methods to impersonate trusted platforms like Docusign to trick unsuspecting users. In this rapidly evolving landscape, Docusign is dedicated to keeping you alert, informed and empowered with the right tools to stay safe online while managing your agreements.

          That's why we're introducing an important new fraud verification capability. This feature is designed to help you quickly confirm an email's origin—is it a scam or did it genuinely come from Docusign?—giving you greater confidence and peace of mind.

          Now, if you receive a suspicious email or link that appears to be from Docusign, you can simply forward the email or use the “Forward as attachment” feature to send the email to verify@docusign.com. You’ll receive an automatic acknowledgment and, in two hours or less, a follow-up response confirming whether the content is legitimate or contains suspicious material, along with recommended actions. 

          How you can protect yourself from scams and phishing

          While we’re committed to providing robust security of our products and services, your vigilance is equally important. Here are steps you can take to protect yourself:

          1. Confirm that it’s actually from Docusign

          • Check the sender’s email address: Make sure the email comes from an official Docusign domain (such as @docusign.com or @docusign.net). Watch for misspellings, old logos, or anything that looks off.

          • Hover — don’t click — to check for suspicious links: If the URL doesn’t lead to docusign.com or docusign.net, don’t click.

          • Check for spelling and grammar errors: Phishing emails often contain mistakes or awkward language. Official Docusign communications are professionally written.

          • Access Docusign directly: Instead of clicking links in emails, go to www.docusign.com and log in to check for pending documents.

          • Look for personalization: Genuine Docusign envelopes usually include your name and relevant details. Be cautious of generic greetings like “Dear Customer.”

          2. Check that the sender isn’t a bad actor 

          Even if an email is genuinely from Docusign, bad actors can sometimes use real accounts for scams. Here’s what to do:

          • Verify the sender’s identity: Confirm the sender is someone you know and trust. If unsure, contact them directly using a known method—not by replying to the suspicious email.

          • Check with your organization: If the request is work-related, verify with your manager or IT department.

          • Check for unusual requests: Be wary if the document asks for information that seems out of the ordinary. Docusign will never ask for your password, Social Security number, or bank details via email.

          • Look for urgency or pressure: Scammers often try to rush you. Take your time to review any requests.

          • Be wary of unfamiliar transactions: If you weren’t expecting a Docusign envelope, verify its legitimacy before taking action.

          3. Take action if you suspect something unusual

          • Verify whether an email is fake or impersonated: Forward them to Docusign’s security team at verify@docusign.com, and quickly confirm the email’s origin.

          • Report suspicious Docusign envelopes: Use the “Report this email” link in the email footer or directly within the signing experience.

          • Report scams and fraud: If you suspect you’ve been targeted, visit the Docusign Safety Center for more information on how best to report the activity to local authorities.

          Stay safe online

          Think you can tell a real Docusign email from a fake one? We’ve shared some more tips to help you learn how to recognize phishing attempts and keep your data safe:

          To further protect yourself:

          • Use Two-Factor Authentication (2FA): Enable 2FA on your Docusign account for extra security.

          • Keep Software Updated: Make sure your operating system, browser, and software are up to date.

          The launch of verify@docusign.com is just one of the many ways we’re working to protect you from evolving threats. We encourage you to use this new service and follow the tips above to stay vigilant. Together, we can build a safer digital world.

          Author Docusign Team
          Docusign Team
          More posts from this author

          Related posts

          Docusign IAM is the agreement platform your business needs

          Start for FreeExplore Docusign IAM
          Person smiling while presenting