Skip to main content

ALERT:5/9/2017 - Malicious Email Campaign

05/09/2017

DocuSign is tracking a malicious email campaign where the subject reads: "Completed: docusign.com - Wire Transfer Instructions for recipient-name Document Ready for Signature”.

The email contains a link to a downloadable Word Document which is designed to trick the recipient into running what’s known as macro-enabled-malware. 

These emails are not associated with DocuSign. They originate from a malicious third-party using DocuSign branding in the headers and body of the email. The emails are sent from non-DocuSign-related domains including dse@docusgn.com (note the missing "I"). Legitimate DocuSign signing emails come from @docusign.com or @docusign.net email addresses. 

Please remember to be particularly cautious if you receive an invitation to sign or view a Document you are not expecting. If you have received a copy of the above email, DO NOT OPEN ANY ATTACHMENTS. Instead, forward the email to spam@docusign.com and then immediately delete the email from your system.

For further advice on how to recognize malicious emails and how to protect yourself you can visit our Trust Center here: https://trust.docusign.com/en-us/personal-safeguards/fraudulent-email-websites/ 

As a leader in online eSignature security and compliance, DocuSign has a zero-tolerance policy for this type of malicious email and is fully prepared to ensure minimal impact to our customers and company. As we’ve seen, this type of malicious activity is becoming more common, especially to organizations with established, trusted brands. Please note that this malicious activity has no relation to any activity DocuSign is involved.