DocuSign Phishing Campaign Targets Low Ranking Employees

October 15, 2021

Avanan researchers have released more details to underscore a new trend in phishing, which involves actors targeting non-executive employees with access to valuable areas and data within an organization.

The researchers found that half of all phishing emails analyzed in recent months impersonated non-executives and 77% of the targeted employees on the same level using DocuSign, a legit cloud-based document signing platform.

According to the researchers, the threat actors offer DocuSign as an alternative signature method in the e-mails they send and ask recipients to enter their login credentials to view and sign the document.

Though the e-mails are designed to look legitimate, they are not like real DocuSign requests. DocuSign never asks users to enter passwords, instead receiving an authentication code via e-mail.

Users are advised to take the time to check every email that arrives in their inbox for signs of irregularities such as spelling mistakes, unsolicited attachments and the need to enter their login details.

For more information, read the original story in Bleeping Computer.

DocuSign Phishing Campaign Targets Low Ranking Employees

Top Stories

How can project sponsors help projects succeed?

AI pioneer Yann LeCun calls Elon Musk’s xAI a ‘failure’

Microsoft sued by shareholders over Azure growth and AI spending

SpaceX shares fall 20% from peak following $60 billion cursor acquisition

Snap unveils first consumer AR glasses priced at more than $2,000

Key U.S. data center law faces expiration with no replacement in sight

Related Articles

Hackers used Meta’s AI support bot to hijack 20,000 Instagram accounts

New ‘HTTP/2 Bomb’ attack can crash major web servers from a single computer

CISA exposed internal passwords and cloud keys in public repository

Canvas restores service after cyberattack disrupted schools and universities

TND News Desk

TND News Desk

Jim Love