7/2/2019 @ 10:00 AM Pacific Time - New Phishing Campaign Observed Today
DocuSign has observed a new phishing campaign that began around 10:00 on the morning of July 2nd (Pacific Time).. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "firstname.lastname@example.org" The emails have the subject line similar to:
"You received notification from DocuSign Service“
These emails contain links to a malicious website that will download malicious executable to your computer. This is a change in tactics. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to email@example.com and then delete the email immediately.
For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)