Alerts and updates

Subscribe using the DocuSign Trust Center Alerts RSS feed URL: https://www.docusign.com/trust/alerts/feed.
Add an RSS reader extension to your browser (Chrome, Firefox), or enable via Outlook on a PC.

  • DocuSign has observed a new phishing campaign that began around 7:30:00 AM on the morning of October 24(Pacific Time). The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@nicolettetorres.com” The emails have the subject line similar to:

    "You got notification from DocuSign Signature Service “

    These emails contain a  malicious macro enabled word document. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)

  • DocuSign has observed a new phishing campaign that began around 8:30 AM on the morning of October 23(Pacific Time). The email purports to come from "DocuSign Electronic Signature” or similar using the email address "docusign@2onthetown.com” The emails have the subject line similar to:

    "You got notification from DocuSign Signature Service “

    These emails contain and it contains a .zip attachment with a malicious .vbs file. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)

  • DocuSign has observed a new phishing campaign that began around 09:30 AM on the morning of October 22 (Pacific Time). The email purports to come from "DocuSign Electronic Signature” or similar using the email address "docusign@thecanvasroom.ca” The email messages have the subject line similar to:

    "You received invoice from DocuSign Signature Service“

    These email messages contain a link to a malicious script. These email messages are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)

  • DocuSign has observed a new phishing campaign that began around 08:00 AM on the morning of October 10 (Pacific Time). The email purports to come from "DocuSign Electronic Signature” or similar using the email address "docusign@testyourtestosterone.com” The emails have the subject line similar to:

    "You got notification from DocuSign Signature Service “

    These emails contain a link to a malicious script. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)

  • DocuSign has observed a new phishing campaign that began around 09:00 AM on the morning of October 08 (Pacific Time). The email purports to come from "DocuSign Signature” or similar using the email address "docusign@blisscommunities[.]net” The emails have the subject line similar to:

    "You got invoice from DocuSign Electronic Signature Service"

    These emails contain a link to an archive containing a malicious word document.  These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)

  • DocuSign has observed a new phishing campaign that began around 09:00 AM on the morning of October 03, 2019 (Pacific Time). The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@amelianeukum.com"  The emails have the subject line similar to:

    "You got invoice from DocuSign Electronic Service “

    These emails contain a  malicious macro enabled word document. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)

  • On September 28, 2019 the Support Center will be undergoing extensive maintenance from 6:00 am PDT – 9:00 pm PDT.

    The following functionality will be inaccessible:

    • Online case submission and management
    • Click to Call
    • Chat
    • Community
    • Search
    • Knowledge Content (articles, guides and videos)

    For Support, please call 1-866-219-4318.

  • On August 13th, 2019 Microsoft released a fix for a remote code execution vulnerability (CVE-2019-1222, CVE-2019-1226, CVE-2019-1181, CVE-2019-1182) residing in Remote Desktop Services and affecting all versions of Windows including Server.

    In keeping with our security best practices, we would like to assure customers that all impacted roles are immediately patched.

  • DocuSign has observed a new phishing campaign that began around 08:00 on the morning of July 18th  (Pacific Time).. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign @ ggarvey.net"  The emails have the subject line similar to:

    "You received notification from DocuSign Service“

    These emails contain and it contains a .zip attachment with a malicious .vbs file.  This is a change in tactics. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)

  • DocuSign has observed a new phishing campaign that began around 10:00 on the morning of July 2nd  (Pacific Time).. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@innersighttherapy.com"  The emails have the subject line similar to:

    "You received notification from DocuSign Service“

    These emails contain links to a malicious website that will download malicious executable to your computer.  This is a change in tactics. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB) 

  • Starting at 10 AM EST June 27, 2019 DocuSign sent email communication to customers who have DocuSign accounts that are using our current Connect x.509 certificate.


    This email message was sent to inform account admins and IT contacts that we are renewing the certificate on the schedule that can be found here.


    This email message was erroneously sent to all account users who are using our current x.509 certificate. We apologize for any confusion this has caused.  If you are not the DocuSign account admin or IT contact please disregard that communication.

  • All DocuSign Connect x.509 certificates for Demo, NA1, NA2, NA3, EU, CA and AU have been re-issued and will be renewed between September and November 2019. After the change-over dates, only the renewed (new) certificates will be available for DocuSign Connect. The renewal schedule and new certificates have been posted here: https://www.docusign.com/trust/compliance/public-certificates

Pages