DocuSign has observed a new phishing campaign that began the morning of September 14th targeting individuals in the APAC region.

The email comes from "Stephanie Riches via DocuSign” (note, this name is subject to change) using the email address dse[_na2@docusigner.org](_na2@docusigner.org) (note the “R”). The email has the subject “Please DocuSign: Shareholder.pdf” and it contains a link to a zip file which in turn contains a malicious javascript file. This email is not sent from DocuSign. Do not click the link in this email, instead please forward it to spam@docusign.com and then delete the email immediately.

For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB).