DocuSign Phishing Campaign Targets Low Ranking Employees

October 15, 2021

Avanan researchers have released more details to underscore a new trend in phishing, which involves actors targeting non-executive employees with access to valuable areas and data within an organization.

The researchers found that half of all phishing emails analyzed in recent months impersonated non-executives and 77% of the targeted employees on the same level using DocuSign, a legit cloud-based document signing platform.

According to the researchers, the threat actors offer DocuSign as an alternative signature method in the e-mails they send and ask recipients to enter their login credentials to view and sign the document.

Though the e-mails are designed to look legitimate, they are not like real DocuSign requests. DocuSign never asks users to enter passwords, instead receiving an authentication code via e-mail.

Users are advised to take the time to check every email that arrives in their inbox for signs of irregularities such as spelling mistakes, unsolicited attachments and the need to enter their login details.

For more information, read the original story in Bleeping Computer.

DocuSign Phishing Campaign Targets Low Ranking Employees

Top Stories

Salesforce CEO Marc Benioff dumps ChatGPT for Google’s Gemini 3, calls AI leap ‘insane’

Google Gemini bringing AI-powered features to Android Auto

CrowdStrike’s 2025 Global Threat Outlook

Washington Post confirms nearly 10,000 affected in Oracle EBS breach linked to Clop

Lost iPhone users targeted by phishing texts claiming the device was found

Related Articles

Google Gemini bringing AI-powered features to Android Auto

CrowdStrike’s 2025 Global Threat Outlook

Washington Post confirms nearly 10,000 affected in Oracle EBS breach linked to Clop

Lost iPhone users targeted by phishing texts claiming the device was found

Jim Love

Follow Us

Popular categories

Tech News Delivered