The Threat

A data breach has occurred at electronic signature and digital transaction company DocuSign. The breach exposed customer email addresses to an unknown malicious threat actor.  Attackers are leveraging stolen emails to send DocuSign-branded malicious phishing campaigns to clients.

eSentire customers are urged to exercise caution when handling any DocuSign-branded emails that arrive in their Inbox, and access their documents directly from www.docusign.com by entering the unique security code at the bottom of the email.

 

eSentire Response

  • eSentire is tracking the malicious links included in the phishing emails and adding them to the ‘block’ list on our Network Interceptor™ sensors.
  • If eSentire sensors observe successful malware infections, an alert will be issued (in accordance with our regular monitoring procedures). 

 

Recommended Action

  • Hover over the link – URLs to view or sign DocuSign documents contain “docusign.net/” and always start with https.
  • Access your documents directly from www.docusign.com by entering the unique security code, which is included at the bottom of every DocuSign email.
  • Do NOT open unknown or suspicious attachments, or click links – DocuSign will never ask you to open a PDF, office document, or zip file in an email.
  • Look for misspellings, poor grammar, generic greetings, and a false sense of urgency.
  • Enable multi-factor authentication where possible.
  • Use strong, unique passwords for each service – don’t reuse passwords on multiple websites.
  • Ensure your anti-virus software is up-to-date and all application patches are installed.
  • Contact the sender offline to verify the email’s authenticity, if you’re still suspicious.
  • Report suspicious DocuSign emails to your IT/security team and [email protected]

 

Additional Information

For the latest updates and alerts please visit: https://trust.docusign.com/en-us/personal-safeguards/

Please refer to this guide from DocuSign for more useful tips: https://trust.docusign.com/static/downloads/Combating_Phishing_WP_05082017.pdf

If you have any questions please reach out to the eSentire Security Operations Center.

eSentire Media Contacts

Mandy Bachus | eSentire | [email protected] | +1 519.651.2200 x5226 | @MandyBachus

Angela Tuzzo | MRB Public Relations | [email protected] | +1 732.758.1100 x105 | @MRB_PR

Ready to start the conversation about cybersecurity?
Talk to us today.
Let's Talk