Docusign has observed a new phishing campaign that spoofs Docusign with a fraudulent invoice notification, designed to harvest your Adobe Cloud credentials. The email appears to come from Mubanga, Chama though the body of the email uses the name Malyangu, Eric. It is using the domain '@plan-international.org.' The emails have the subject line similar to:

"Outstanding Invoice."

The emails contain a link that redirects to what looks like an Excel spreadsheet, but is actually a phishing page. The page itself appears blurred with a message appearing on the page, as a popup, asking recipients for their Adobe account details, including email address and password.

These emails are not sent from Docusign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

For more information on how to spot phishing please see our Combating Phishing white paper.