![]() Generic greetings Many imitation emails begin with a generic greeting like “Dear DocuSign Customer.” If you don’t see your name in the salutation, be suspicious and don’t click on any links or attachments. DocuSign never attaches zip files, HTML files, or executables. Even then, pay close attention to the attachment to ensure it’s a valid PDF file. DocuSign emails only contain PDF attachments of completed documents after all parties have signed the document. Don’t open or click them within an email requesting your signature. If you don’t recognize the sender of or weren't expecting a DocuSign envelope, contact the sender through communication channels outside of email to verify its authenticity.Īttachments DocuSign emails that request you to sign a document never contain attachments. Imitation sender email address Imitation emails may include a forged email address in the "From" field, which is easily altered. ![]() Install spyware (which can enable a hacker to monitor your actions and steal login credentials) on your systemĬause you to download a virus that could disable your computer An imitation link is dangerous and can:ĭirect you to an imitation website that tries to collect your personal data Always check where a link goes before clicking by hovering your mouse over the link to review the URL (it should be hosted on or ). Imitation links Avoid imitation links by accessing your documents directly from using the unique security code found at the bottom of the DocuSign notification email. Review our Combating Phishing white paper to learn more. If you don’t see this code, don’t click on any links or open any attachments. If you don’t recognize the sender of a DocuSign envelope and are uncertain of the email’s authenticity, look for the unique security code included in all DocuSign envelopes at the bottom of the notification email. To support DocuSign information security and threat intelligence, report security incidents and DocuSign platform threats to for identifying imitation emails and websites Other security incidents and DocuSign-themed threats for investigation: new cybersecurity threats occur regularly. If you identify a website imitation of DocuSign, please copy and paste the URL into an email to for investigation. Dedicated threat reporting channelsĭocuSign has dedicated reporting channels based on the type of threat:ĭocuSign-themed imitation emails and websites: If you think that you’ve received a fraudulent email purporting to come from DocuSign, forward the entire email as an attachment to and delete it immediately. The information below explains how to detect cyber security threats via imitation (also called spoofing) and report them to DocuSign’s information security team for investigation. Detecting cyber security issues quickly reduces the possibility of negative consequences. Our customers are the first line of defense against cybersecurity threats. Submit a request through the Privacy Request Portal I have a request or concern regarding my personal data. Report all other security concerns to concerns and requests ![]() I have a DocuSign security threat concern not listed above or I’m unsure. How DS users can spot, avoid and report fraud I’m a victim of DocuSign customer fraud or I received a suspicious DocuSign envelope and I suspect fraud/illegal activity.įile a complaint through the DS Fraud Portal. I received a fake (spoofed) DocuSign themed email notification or want to report an imitation DocuSign URL. Conversely, concerns related to an actual DocuSign customer account are considered fraud and improper use of our platform. This page outlines the difference between imitating DocuSign via spoofing or impersonation used in phishing campaigns and the improper use of DocuSign customer accounts to commit fraud - as well as the correct reporting channel for each.Īttempts to trick people into believing that emails are related to or from an actual DocuSign customer account are imitation attempts. It’s imperative that security concerns are shared with us to ensure issues are addressed timely and appropriately. DocuSign Trust is a top priority and reports of suspicious activity are taken seriously.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |