DocuSign has observed a new phishing campaign that spoofs not only DocuSign, but is attempting to take advantage of the global COVID-19 situation by claiming to contain FAQs as they relate to your company's health insurance plan, and whether testing for the virus is covered. The email is using the email address “abuse@createandgo.com” and the SMTP address of "awwco@zygcsj.com." The subject line is "COVID-19 Update T Customers" and similiar.

These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

For more information on how to spot phishing please see our Combating Phishing white paper.