Skip to main content

DocuSign customers are now prime phishing targets after a recent data breach

Image used with permission by copyright holder
When it comes to our technology, It seems like we’re under constant attack lately. From the recent massive ransomware attack to the NSA’s cache of exploits to MacOS joining Windows as a more frequent target, not a day goes by that we’re not facing yet another assault on our privacy and information.

The latest threat comes by way of a data breach at document validation company DocuSign, as Tom’s Hardware reports. DocuSign was looking into a nefarious email campaign that targeted its customers when the company discovered that someone had hacked into its systems and grabbed some email addresses.

As Tom’s Hardware points out, having access to email addresses by itself is more of a nuisance than a dire circumstance when it is only the email address and no other personal identifying information is involved such as names, addresses, credit cards, and the like. However, having email addresses for a distinct group such as DocuSign customers creates the perfect opportunity to create an effective phishing campaign. Attackers can use DocuSign’s own branding to trick people expecting email from the company into clicking on unsafe sites or opening infected documents.

DocuSign said that its own eSignature document verification service hasn’t been breached and its customers’ documents are safe. But as we saw with a recent phishing scam that utilized Google’s own authentication system to infect users, cybercriminals are aided greatly by the ability to target specific victims who are likely to believe that an emailed link or document is legitimate.

If you’re a DocuSign customer, then be sure to check out the company’s Trust Center for more information. Its security staff has implemented a plan to secure its systems and has notified law enforcement. In the meantime, it offered up some steps to take to further ensure you are not affected. Here are those steps directly from DocuSign’s Trust Center:

  • Delete any emails with the subject line, “Completed: [domain name] — Wire transfer for recipient-name Document
  • Ready for Signature” and “Completed [domain name/email address] — Accounting Invoice [Number] Document Ready for Signature.” These emails are not from DocuSign. They were sent by a malicious third party and contain a link to malware spam.
  • Forward any suspicious emails related to DocuSign to, and then delete them from your computer.
  • They may appear suspicious because you don’t recognize the sender, weren’t expecting a document to sign, contain misspellings (like “” without an ‘i’ or, contain an attachment, or direct you to a link that starts with anything other than or
  • Ensure your antivirus software is enabled and up to date.
  • Review our whitepaper on phishing available

The usual tactics for avoiding phishing attacks apply as well. Never open attachments unless you know exactly who sent them and why, and don’t click on links in emails unless the address is valid and trusted. Make sure your browser is up to date and check that a site looks legitimate before entering any personal information.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Data breach of unknown entity exposes private data of 80 million U.S. households
Stock photo of lock and data

Security researchers have recently discovered and reported an unprotected database that exposed the personal information of 80 million U.S. households to potential data security threats like identity theft.

According to PCWorld, a team of security researchers from a site known as vpnMentor discovered that the database contained unencrypted data that exposed information such as full street addresses, full names, ages, and dates of birth. Most unsettling was the fact that the data also included “exact longitude and latitude” locations for individuals. The researchers also reportedly found “coded references” to other pieces of personal information such as details on income, gender, marital status, and homeowner status. Interestingly though, the data only seems to expose the information of people ages 40 and older.

Read more
How to tell if your webcam has been hacked
Razer webcam sitting on top of a monitor.

Having your webcam hacked is a terrifying prospect for many -- and a good reason to use a dedicated webcam cover. Not only does it represent an incredible invasion of privacy, but it has the potential to grab biometric data and other personal information that could be used to further expose you and steal your identity.

Often a hacked webcam is just part of a comprehensive malware assault, though, so protecting yourself against it involves having some of the best antivirus protection you can, while keeping your system updated. Even with robust protections in place, though, you should always keep an eye out for the tell-tale signs of a hacked webcam. Here's what to look out for.
The light on your webcam turns on at strange times

Read more
How to cancel a Twitch subscription on desktop or mobile
The Twitch desktop app.

There comes a time in every online gamer’s life when one must move on from platforms once cherished. Beyond PlayStation Plus and Xbox Game Pass, one of the premiere gaming content meccas is Twitch. Built from the ground up to give players the world over a community forum to live-stream through, it’s the kind of content hub that’s great when you want it, but maybe one of the first things you want to walk away from when you’re taking a break from your PC and consoles.

Read more