DocuSign has observed a new phishing campaign that began the morning of September 19th (Pacific Time). The email purports to come from "DocuSign Electronic Signature" using the email address [email protected]. The emails all have the subject:

"You received / got invoice from DocuSign Signature Service / DocuSign Electronic Signature Service / DocuSign Service"

These emails contain links to a malicious Word document. These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to [email protected] and then delete the email immediately.

For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB).

DocuSign has observed a new phishing campaign that began the morning of September 4th (Pacific Time). The email purports to come from "DocuSign Signature and Invoice" using the email addresses [email protected]. The emails all have the subject:

"You received / got invoice from DocuSign Signature Service / DocuSign Electronic Signature Service / DocuSign Service"

These emails contain a malicious PDF attachment linking to a malicious download site. These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to [email protected] and then delete the email immediately.

For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB).

DocuSign uses the latest innovations and industry knowledge to keep our customers safe, but it takes awareness and dedication from everyone involved to reach maximum security. Read about our top pointers to help you stay safe online:

• Create complex, unique passwords and keep them secure: don’t write down or share passwords—and be extra careful when using public or shared computers.
• Take IT precautions to protect against spam: keep your anti-virus software up-to-date; provide trainings on phishing and fraudulent activities, etc.  
• Be on the lookout for fraudulent emails and unsafe websites: proceed with caution when accessing unfamiliar emails and websites. Unrecognizable links, bad grammar and misspellings, and fake greetings can all be red flags that indicate a phishing email. For website safety, make sure “https” is in your browser address bar if you’re entering any personal information.

Remember: online safety starts with you. You’re the first and best line of defense in fighting online fraud. Learning how to identify and steer clear of phishing scams, social engineering attempts, and other types of online fraud is the best way to protect yourself and your information.

Visit our Security Resources page for more safety essentials, including our Combating Phishing white paper, to help keep you and the greater online community safe.

DocuSign has observed a new phishing campaign that began the morning of July 19th (Pacific Time). The email purports to come from DocuSign using the email addresses [email protected] The emails all have the subject:

"ADP sent you a new document to sign"

These emails contain a malicious Word document as an attachment, ADP-Document-3810922.doc. These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to [email protected] and then delete the email immediately.

For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB).

DocuSign has observed a new phishing campaign that began the morning of July 10th (Pacific Time). The email purports to come from DocuSign using the email addresses [email protected]. The emails all have the subject:

"You have a new document to review and sign"

These emails contain a malicious Word document as an attachment, 3873JDSB987391.doc. These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to [email protected] and then delete the email immediately.

For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)