Alerts and updates

Subscribe using the DocuSign Trust Center Alerts RSS feed URL: https://www.docusign.com/trust/alerts/feed.
Add an RSS reader extension to your browser (Chrome, Firefox), or enable via Outlook on a PC.

  • The DocuSign CLM and CLM.CM September 20.7 Product Release will be deployed to the NA11, NA21, EU11, EU21, US11, US12 Production environments on Friday, September 25, 2020 between 9:00 PM and Midnight, US Central Time.

    We don't anticipate any impact to platform availability during this time.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.
  • The DocuSign CLM and CLM.CM September 20.7 Product Release will be deployed to the UAT environment on Thursday, September 3, 2020 between 8:00 PM and 11:00 PM, US Central Time.

    We don't anticipate any impact to availability or access during this Product Release.

    Announcements for this upcoming release can be found on the DocuSign Support Center. Please continue to check the Support Center for enhancements and bug fixes that will be posted prior to UAT deployment. 

    Please contact Technical Support if you have any questions.

  • The DocuSign CLM and CLM.CM August 20.6 Product Release will be deployed to the PROD environment (NA11, NA21, EU11, EU21) on Friday, August 7, 2020 between 21:00 and Midnight, US Central Time.

    We don't anticipate any impact to platform availability during this product release.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.
  • On July 14th, 2020, Microsoft released a fix for a Critical Remote Code Execution (RCE) vulnerability (CVE-2020-1350) affecting Windows DNS Servers. In keeping with our security best practices, we would like to assure customers that all impacted roles were immediately patched.
  • The DocuSign CLM and CLM.CM August 20.6 Product Release will be deployed to the UAT environment on Thursday, July 23, 2020 between 8:00 PM and 11:00 PM, US Central Time.

    During this period, access to the UAT environment will be impacted. We apologize for any inconvenience.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.
  • On 07/09/2020, we published an alert regarding the renewal of three previously issued certificates ahead of schedule due to a change initiated by DigiCert in their ICA infrastructure, revoking the Intermediate Certificate.

    We have updated the PROD enforce dates for these three re-provisioned certificates, which are listed below and available on the DocuSign Public Trust site at https://www.docusign.com/trust/compliance/public-certificates:

    • The Security Appliance certificate
    • The Signed By service certificate
    • The DigiCert Intermediate CA certificate
  • Due to a change initiated by DigiCert in their ICA infrastructure, we're renewing three previously issued certificates ahead of schedule. DigiCert will expire the following current certificates on July 30, 2020.

    • The Security Appliance certificate
    • The Signed By service certificate
    • The DigiCert Intermediate CA certificate. 

    These three certificates are available with their new offer and enforce dates on the DocuSign Public Trust site at: https://www.docusign.com/trust/compliance/public-certificates.

  • The DocuSign CLM and CLM.CM June 20.5 Product Release will be deployed to the PROD environments (NA11, NA21, EU11, EU21) on Friday June 26, 2020 between 21:00 and Midnight, US Central Time.

    We don't anticipate any impact to availability or access during this Product Release.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.

  • Please add DocuSign’s new IP range to your allowlist (192.103.120.1 through 192.103.123.254) to avoid service disruptions. DocuSign will be scaling it’s service to start using this new range starting 6/26/2020. The current ranges still remain valid. DocuSign IP ranges are advertised on https://www.docusign.com/trust/security/esignature

  • The DocuSign CLM and CLM.CM June 20.5 Product Release will be deployed to the UAT environment on Thursday, June 11, 2020 between 8:00 PM and 11:00 PM, US Central Time.

    We don't anticipate any impact to availability or access during this Product Release.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.

  • DocuSign has discovered several new phishing campaigns that spoof DocuSign and are COVID-related. All below campaigns were found in the wild. Details are shared for each below.

    1. From: "Payment Request via DocuSign" <user[@]puabenefit-pay8645752893[.]info> or <filling[@]serv-docpay873644[.]com>
      Reply-to: user[@]doc-pay[.]info
      Sent: Thursday, May 21
      Subject: "RE: YOUR COVID19 PAYMENT FILLING STATUS" or "COVID-19 HEALTH PAYMENT STATUS" or similar
      Link displays as: hxxps://mindscriptstech[.]com/wp-admin/documen0t9853/doc-new/
       
    2. From: "DocuSign Via Arnulfo Smitham" <docusign-donot-reply[@]Yourpad[.]com>
      Sent: Thursday, May 21
      Subject: "Affidavit_for_Covid-19 from Yourpad[.]com" or similar
      Link displays as: hxxps://bit[.]ly/3bnBEsw
      Links redirects to: hxxps://realestatesproperties[.]estate/x787xe8ruh22@/11d4b7f8a0da369d11a95c2ee2267796/
      95aed2504a6a43d4034b22cacbba5607/login.php?cmd=login_submit&id=5aea4dece5073ba5a0f7113d90b4b62
      35aea4dece5073ba5a0f7113d90b4b623&session=5aea4dece5073ba5a0f7113d90b4b6235aea4dece5073ba5a0f
      7113d90b4b623
       
    3. From: "KEVIN WATSON" <grayshillrealty[@]yahoo[.]com>
      Sent: Wednesday, May 20
      Subject: "Re:  Docu  sign. :Complete : File NO 8874871 COVID-19 Report ,termi AND HUD approver QWKLDQXPSO" or similiar
      Link displays as: No URL was provided in the message
  • DocuSign has observed several new phishing campaigns that spoof DocuSign and are COVID-themed. Details for each are below.

    1. The email sender appears as "DocuSign" from suspended[@]sign-doc.com, and indicates in the body that your 'docusign account is temporarily suspended.' The subject line is similar to "Your Docusign account is suspended" The emails contain a link to a malicious URL [http]://covid19.protected-forms[.]com/XYWNb0aW9uPWqNsaWNrJnfVybD1odddHRwhczov
      L3NlvY3uVyZWQtbG9naW4ubmV0bL3BhZ2VzL2E0ZGFlYzk1OTVlMSZyZWNpcGllbnRfaWQ9NjE5NTkyMTg5JmNhbXBha
      WduX3J1bl9pZD0zMTQ3MDEw
       
      that leads to [https]://secured-login[.]net/pages/a4daec9595e1/XYWNb0aW9uPWqNsaWNrJnfVybD1odddHRwh
      czovL3NlvY3uVyZWQtbG9naW4ubmV0bL3BhZ2VzL2E0ZGFlYzk1OTVlMSZyZWNpcGllbnRfaWQ9NjE5NTkyMTg5JmNhbXBha
      WduX3J1bl9pZD0zMTQ3MDEw
      .
       
    2. The sender again appears as "DocuSign" from carmen.schultz[@]t-online.de. The subject line is similar to "Notification: You have received a document." The email body suggests that the World Health Organization has sent you a document: "COVID-19 impact, situation updates, and policy responses." A malicious URL [https]://storage[.]googleapis[.]com/worldhealthorganization/index[.]html
      takes you to
      [https]://virtualmallglobal[.]com/documents/login[.]html.
       
    3. The email sender appears as "Rebecca Campbell" from jogina[@]randallmorris.com. The subject line is similar to "Completed: Docusign_FinalApproval/Clear to Close the property/Covid-19 Affidavit." This malicious URL [https]://bit[.]ly/39jkv28
      takes you to
      [https]://realestateescrowdocument[.]estate/x787xe8ruh22@/
      8af0a1fdf1fb6005665d2bc4d5fa7c77/2816dde2b84c88df5e1cd134bf
      15c431/login[.]php?cmd=login_submit&id=f8b98db5e70b2e47bf110c6e8e9fef69f8b
      98db5e70b2e47bf110c6e8e9fef69&session=f8b98db5e70b2e47bf110c6e8e9fef69f8b98db5e70b2e47bf110c6e8e9fef69
      .
       
    4. The email sender appears as "DocuSign via Jimenez: from kjimenez[@]lindsey.com. The body of the email includes the contact Jimenez[@]Keystonetitle.com, claiming that your close time is curbside and scheduled for "1:30pm on 5/013/20." The subject line is similar to "RE: REG 2440 COVID-19 Affidavit and ALTA SETTLEMENT ID no: 244053 , pls sign Thanks." The malicious URL [https]://bit[.]ly/3afxh33
      sends you to
      [https]://generalbamrealtors[.]com/x787xe8ruh22@/ac8120f50c6ca29c78fbd84cde5ab7d5/28428aa5229cf9c9c1
      ba35239609aa0e/login.php?cmd=login_submit&id=76be3a836e56c3ea7cc3b9e97e04eb1176be3a836e56c3ea7c
      c3b9e97e04eb11&session=76be3a836e56c3ea7cc3b9e97e04eb1176be3a836e56c3ea7cc3b9e97e04eb11
      .
       
    5. The email sender appears as "DocuSign via Maureen Wilkinson" from nrakosy6468720[@]springhillres.com. The subject line is similar to "FWD:2668502 Please DocuSign this document: Change_to_Listing_COFIC-19_2_1211.pdf." The malicious URL [http]://waiting[.]website/3akIIpr 
      leads you to
      [https]://realestatesproperties[.]estate/x787xe8ruh22@/6baadc89159617043965f9e1889224e7/099043c11c86
      f05f70d165635ea65814/login.php?cmd=login_submit&id=f1d4c1bb89f4af812573622f86d4485ff1d4c1bb89
      f4af812573622f86d4485f&session=f1d4c1bb89f4af812573622f86d4485ff1d4c1bb89f4af812573622f86d4485f
      .

    These emails are not sent from DocuSign. Do not click on the links in these emails, instead, please forward them to spam@docusign.com and then delete these emails immediately. 

    For more information on how to spot phishing, please see our Combating Phishing white paper.

Pages