Alerts and updates

Alerts RSS Feed

  • Alert: 09/28/2019 – Scheduled Support Center Maintenance

    09/25/2019

    On September 28, 2019 the Support Center will be undergoing extensive maintenance from 6:00 am PDT – 9:00 pm PDT.

    The following functionality will be inaccessible:

    • Online case submission and management
    • Click to Call
    • Chat
    • Community
    • Search
    • Knowledge Content (articles, guides and videos)

    For Support, please call 1-866-219-4318.

  • UPDATE: 8/19/2019 – DocuSign Notice for CVE-2019-1181

    08/19/2019

    On August 13th, 2019 Microsoft released a fix for a remote code execution vulnerability (CVE-2019-1222, CVE-2019-1226, CVE-2019-1181, CVE-2019-1182) residing in Remote Desktop Services and affecting all versions of Windows including Server.

    In keeping with our security best practices, we would like to assure customers that all impacted roles are immediately patched.

  • Alert: July 18, 2019, 08:00 AM Pacific Time - New Phishing Campaign Observed Today

    07/18/2019

    DocuSign has observed a new phishing campaign that began around 08:00 on the morning of July 18th  (Pacific Time).. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign @ ggarvey.net"  The emails have the subject line similar to:

    "You received notification from DocuSign Service“

    These emails contain and it contains a .zip attachment with a malicious .vbs file.  This is a change in tactics. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)

  • 7/2/2019 @ 10:00 AM Pacific Time - New Phishing Campaign Observed Today

    07/02/2019

    DocuSign has observed a new phishing campaign that began around 10:00 on the morning of July 2nd  (Pacific Time).. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@innersighttherapy.com"  The emails have the subject line similar to:

    "You received notification from DocuSign Service“

    These emails contain links to a malicious website that will download malicious executable to your computer.  This is a change in tactics. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB) 

  • UPDATE: 6/28/2019 Larger Audience for DocuSign Connect Certificate Renewal Communication

    06/28/2019

    Starting at 10 AM EST June 27, 2019 DocuSign sent email communication to customers who have DocuSign accounts that are using our current Connect x.509 certificate.


    This email message was sent to inform account admins and IT contacts that we are renewing the certificate on the schedule that can be found here.


    This email message was erroneously sent to all account users who are using our current x.509 certificate. We apologize for any confusion this has caused.  If you are not the DocuSign account admin or IT contact please disregard that communication.

  • UPDATE: 6/24/2019 Upcoming DocuSign Connect Certificate Renewal Schedule

    06/24/2019

    All DocuSign Connect x.509 certificates for Demo, NA1, NA2, NA3, EU, CA and AU have been re-issued and will be renewed between September and November 2019. After the change-over dates, only the renewed (new) certificates will be available for DocuSign Connect. The renewal schedule and new certificates have been posted here: https://www.docusign.com/trust/compliance/public-certificates

  • UPDATE: 6/11/2019 Subprocessor Update for DocuSign Signature

    06/11/2019

    DocuSign has engaged a new service-specific subprocessor, Google LLC, to deliver an optional product feature within the DocuSign Signature service. This subprocessor will only be used if you choose to enable or purchase the optional product feature for auto-tagging.

    Please review the details of this subprocessor, DocuSign’s commitments under our BCR-P Privacy Code, and your options for objecting to the subprocessor here: https://www.docusign.com/trust/privacy/subprocessors-list

  • ALERT: 5/23/2019 @ 8:30 AM Pacific Time - New Phishing Campaign Observed Today

    05/23/2019

    DocuSign has observed a new phishing campaign that began around 8:00 on the morning of May 23rd  (Pacific Time).. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@carenethouston.org"  The emails have the subject line similar to:

    "You received notification from DocuSign Service“

    These emails contain links to a malicious Microsoft Office document which, if run, will download malware to your computer. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB) 

  • UPDATE:5/21/2019 – DocuSign Notice for CVE-2019-0708

    05/21/2019

    On May 14th, 2019 Microsoft released a fix for a remote code execution vulnerability (CVE-2019-0708) residing in Remote Desktop Services and affecting Windows 7, Windows Server 2008 and Windows Server 2008 R2 operating systems. In keeping with our security best practices, we would like to assure customers that all impacted DocuSign systems were immediately patched.

  • ALERT: 4/16/2019 @ 8:30 AM Pacific Time - New Phishing Campaign Observed Today

    04/16/2019

    DocuSign has observed a new phishing campaign that began around 8:30 on the morning of April 16th (Pacific Time) and is coming in at a very quick rate. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@goldencorralonthego.org".  The emails have the subject line similar to:

    "You received notification from DocuSign Service“

    These emails contain links to a malicious Microsoft Office document which, if run, will download malware to your computer. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB) 

  • UPDATE:4/11/19 Upcoming NA1 (www) and NA2 DocuSign Site certificate renewal

    04/11/2019

    The DocuSign SSL site certificates for NA1 and NA2 are expiring. The renewal schedule and renewed certificates have been posted here: https://www.docusign.com/trust/compliance/public-certificates

     

  • ALERT: 4/9/2019 @ 8:00 AM Pacific Time - New Phishing Campaign Observed Today

    04/09/2019

    DocuSign has observed a new phishing campaign that began around 8:00 on the morning of April 9th (Pacific Time). The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@indie95.com".  The emails have the subject line similar to:

    "You received notification from DocuSign Service“

    These emails contain links to a malicious Word document which, if run, will download malware to your computer. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB) 

Pages