Company

ABOUT ESENTIRE

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

About Us Leadership Careers Event Calendar → Newsroom → Aston Villa Football Club →

EVENT CALENDAR

Feb

Belfast Cyber Expo

Feb

St. Louis FutureCon

Mar

Chicago Cybersecurity Summit

Mar

Dallas Cybersecurity Summit

Mar

March TRU Intelligence Briefing

View Calendar →

LATEST PRESS RELEASE

Feb 26, 2026 eSentire Supports Modern Security Skills Development with Award of Fifth Annual Sean Hennessy Bursary Read More

View Newsroom →

OUR PARTNERSHIPS

Aston Villa Football Club

AVFC takes its cyber protection to the Next Level with eSentire as its official cybersecurity partner.

Learn More

Partners

PARTNER PROGRAM

We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.

LEARN MORE →

Apply to become an e3 ecosystem partner with eSentire today.

APPLY NOW →

DocuSign Targeted Phishing Campaign

February 26, 2019

2 MINS READ

Share this article

The Threat

A data breach has occurred at the electronic signature and digital transaction company DocuSign. The breach exposed customer email addresses to an unknown malicious threat actor. Attackers are leveraging stolen emails to send DocuSign-branded malicious phishing campaigns to clients.

eSentire customers are urged to exercise caution when handling any DocuSign-branded emails that arrive in their Inbox and access their documents directly from www.docusign.com by entering the unique security code at the bottom of the email.

eSentire Response

eSentire is tracking the malicious links included in the phishing emails and adding them to the ‘block’ list on our Network Interceptor™ sensors.
If eSentire sensors observe successful malware infections, an alert will be issued (in accordance with our regular monitoring procedures).

Recommended Action

Hover over the link – URLs to view or sign DocuSign documents contain “docusign.net/” and always start with https.
Access your documents directly from www.docusign.com by entering the unique security code, which is included at the bottom of every DocuSign email.
Do NOT open unknown or suspicious attachments, or click links – DocuSign will never ask you to open a PDF, office document, or zip file in an email.
Look for misspellings, poor grammar, generic greetings, and a false sense of urgency.
Enable multi-factor authentication where possible.
Use strong, unique passwords for each service – don’t reuse passwords on multiple websites.
Ensure your anti-virus software is up-to-date and all application patches are installed.
Contact the sender offline to verify the email’s authenticity, if you’re still suspicious.
Report suspicious DocuSign emails to your IT/security team and [email protected]

Additional Information

For the latest updates and alerts please visit: https://trust.docusign.com/en-us/personal-safeguards/

Refer to this guide from DocuSign for more useful tips: https://trust.docusign.com/static/downloads/Combating_Phishing_WP_05082017.pdf

Back to Security Advisories

Speak With A Security Expert Now

TALK TO AN EXPERT

Security advisories

DocuSign Targeted Phishing Campaign

Speak With A Security Expert Now

in this Advisory