Kaspersky warns local businesses of active Docusign-themed phishing scams

Kaspersky is warning of a rising phishing scam involving fraudulent emails pretending to be from Docusign, a globally used e-signature platform. Cyber attackers are sending these emails with links to fake websites where users are asked to enter a work login and password.

The Docusign phishing attack begins with an email that resembles legitimate communication from the service provider. Unlike other phishing schemes, the malicious actors generally do not bother to forge or mask the sender address given how genuine Docusign emails can originate from any address due to the customisation options available to Docusign customers.

Typically, the victim is notified that they must electronically sign a financial-related document, with the click through link included in the email received. In some instances, the phishers can also include a PDF attachment with a QR code inside. The victim is prompted to open the attachment and scan this QR code, supposedly to access the document for signing, however in reality this leads to a phishing website intended to gather users’ credentials.

The tactics and quality of execution can vary from email to email. However, the core principle remains the same: phishers rely on the recipient not understanding how e-signing with Docusign actually works. The inattentive victim follows the link (or QR code) to the phishing page and enters their work login credentials, which go straight to the attackers. Usernames and passwords harvested through successful phishing attacks are often compiled into databases sold on illicit dark web marketplaces, and later used to attack organizations. The whole purpose of Docusign is to make it as easy as possible for companies and individuals to exchange electronically-signed documents. Any additional steps or restrictions — such as creating an account, entering credentials, opening attachments, or using only a smartphone to sign — go against this principle. Therefore, Docusign asks for none of this and strives to make the signing process as quick and simple as possible.

High-quality fake Docusign email

To protect against this Docusign phishing tactic or other scams that impersonate popular services, Kaspersky recommends the following:

• Have an understanding around how the genuine service works. For example, Docusign will never:
o Send a PDF attachment with a link to a document to be signed.
o Give you no choice but to scan a QR code. Docusign works on both mobile devices and computers, so a link is always provided to access the document – not a QR code.
o Require you to enter work login credentials.
o Force you to register with or log in to Docusign. After you sign the document, Docusign might suggest creating an account, but it’s entirely optional.
• Be cautious of links and attachments: Avoid clicking on any unexpected links or downloading attachments in unsolicited emails.
• Train employees: Companies should educate employees on how to recognise phishing attempts. Specialised training systems such as Kaspersky Automated Security Awareness Platform can be of help.
• Use security solutions: Filtering out suspicious and unwanted email at the gateway level with products such as Kaspersky Security for Mail Server prevents employees from being defrauded by socially engineered scams. Security solutions for endpoints relevant to the size of the organization – such as the Kaspersky Small Office Security or Kaspersky Next – will also secure from phishing redirects.
• Use multi-factor authentication: This measure adds an extra layer of protection for sensitive accounts and services.

“Phishers are increasingly using names of trusted services like Docusign. We advise all IT users both at work and at home to always verify the sender’s identity and avoid clicking on suspicious links. Companies should ensure their teams know how to identify phishing emails, while multi-factor authentication and email filtering solutions add an extra level of defence,” Roman Dedenok concludes.

 

 

Related Posts

Inside FunkSec: Kaspersky explores the evolution of AI-powered ransomware with password-gated capabilities

The domain of deception: Attackers deploy spyware under the guise of legal threats

Thndr Recognized by World Economic Forum as 2025Technology Pioneer The only Egyptian and North African company among the 2025

British Council’s Deep Dialogues Brings Together Delegates from Egypt, Tunisia and Saudi Arabia in Cardiff

Commvault Convenes Egypt’s Cybersecurity Leaders at SHIFT Cairo

Dubai Launches Landmark Initiative Further Enabling First-Time Homeownership

Noise-Free Conversations and Lush Soundscapes: Meet the HUAWEI FreeBuds 6

Raya Electronics Expands Strategic Partnership with Lenovo and Microsoft

آخر الأخبار
الطقس غدا.. شديد الحرارة وشبورة ورطوبة مرتفعة وزير الإسكان: ما فيش طرد لأى مواطن مصرى من قاطنى وحدات الإيجار القديم كاسبرسكي تحذر من تطور برمجيات الفدية المدعومة بالذكاء الاصطناعي Inside FunkSec: Kaspersky explores the evolution of AI-powered ransomware with password-gated capabi... الكرملين: ترامب وبوتين أجريا نقاشا مفصلا عن إيران والشرق الأوسط مصر ترفض رفض قاطع لاستمرار سياسة إثيوبيا في فرض الأمر الواقع من خلال إجراءات أحادية تتعلق بنهر النيل وزير السياحة يبحث مع أحد الشركات الصينية الرائدة في مجال البواخر السياحية سبل تطوير منتج السياحة الن... 5 وزراء ومحافظ مطروح يفتتحون فرع سلسة "جملة ماركت" بالمدينة التراثية بالعلمين الجديدة اتصال هاتفي بين وزير الخارجية والهجرة ونظيره السورى قرار جمهورى بتعيين أحمد سعد الشاذلي مستشاراً لرئيس الجمهورية للشئون المالية البترول تؤكد التزام شركة أديس المالكة للبارج بسرعة صرف التعويضات لأسر المتوفين والمفقودين والمصابين رئيس الوزراء يتابع مع وزير البترول مستجدات تقدم الأعمال الخاصة بتجهيز وربط وحدات التغييز المشاط: تطوير 34 جهاز مدينة في إطار مشروع تطوير وميكنة خدمات المواطنين بأجهزة المدن العمرانية الجديد... وزير الزراعة يتفقد أعمال حصر وتصنيف الأراضي الصحراوية بمنطقة "العميد" على محور وادي النطرون ـ العلمي... مصر تجدد دعمها لاستقرار الصومال خلال مشاركتها في الاجتماع الوزاري الافتراضي لمجلس السلم والأمن التاب... أسوان تنضم رسميًا إلى منظومة التأمين الصحي الشامل.. خطوة جديدة نحو تغطية صحية شاملة لكل المصريين نائب وزير الصحة يتفقد مستشفى حلوان العام ومركز أطلس.. ويوصي بإجراءات عاجلة لتقليل زمن انتظار المواطن... وزيرا الإسكان والزراعة يتفقدان محطة التجارب البحثية لتحلية مياه البحر حذر في أسواق الذهب وترقب بيانات الوظائف الأمريكية «الغرف العربية»: العالم يواجه فجوة تمويلية تقدر بنحو 4.2 تريليون دولار لتحقيق أهداف التنمية المستدام...