How to Recognise and Avoid a DocuSign Email Phishing Scam

Posted on Sunday, July 31, 2022

When someone receives an email from a well-known brand, it inspires feelings of trust and positivity in that person. For this reason, con artists will use well-known brands when launching phishing attacks via email. If the email appears to have been sent from a reputable and well-known brand, the recipients are more likely to respond to it and click on the link.

DocuSign is a recent example of a brand that has been seen in association with fraudulent activity. Because it is so commonly used to sign digital agreements and contracts online, the vast majority of people have either used the brand or heard of it.

Hackers have the opportunity to impersonate a business and gain access to confidential information that can be used for their own benefit if they are successful.

How to avoid falling victim to a phishing attack using DocuSign

There are a few red flags that should alert the reader that the email might not be authentic.

Check the email to see if it has any attachments or links that look suspicious. If it does, move on to the next step. DocuSign emails that are authentic will not include attachments of any kind, including PDFs, Word documents, or zip files. It is essential that you do not open any suspicious attachments or click on any dubious links.

Another red flag to keep an eye out for is a greeting at the top of the email that is impersonal. When DocuSign sends you an official email, it will address you by your first name. In a phishing email, the sender might begin with “Dear Recipient,” for example.

The body copy of the email may contain misspellings and grammatical errors, which is another sign that the email is a fake and indicates that it was not generated by a professional company such as DocuSign.

Scammers who use phishing techniques will frequently try to instill a false sense of urgency and panic in the recipient of their email in the hope that it will prompt them to take immediate action without first considering the potential risks of clicking on a link or attachment.

Additionally, be on the lookout for correct and current branding. DocuSign’s logo was once a dark blue colour, but it has since transitioned to a black colour scheme.

Always double-check the original source

Check the email address that was used to send the message. Does the address appear to be one that could have been used by the company in question?

Does the image for the email header seem appropriate? If you are unsure, compare it to other emails you have received from the company in the past that you know to be genuine.

You can also verify that the link is authentic by hovering your mouse pointer over any hypertext to find out which URL address the link directs you to.

In the event that your uncertainty persists, you are free to get in touch with the customer service department of the company and inquire as to whether or not the email was sent by the company. You will not put yourself in danger if you do this; however, there is a possibility that you will bring to their attention a phishing email that they can investigate and use to warn others about.

How to safeguard yourself against being a victim of phishing

The vast majority of email clients come equipped with their own spam filters, which are designed to identify and delete suspicious emails that are either spam or overt phishing attempts.

The filters perform their function by identifying potentially malicious files and links that are integral parts of the email. If an email client is cloud-enabled, it is highly likely that it will also have a list of IP addresses that are banned and will block emails sent from those addresses.

It is highly recommended that you get in touch with the IT support staff if you require assistance in configuring email spam filters for the email client software you use. They will assist you in establishing the most secure email protocols possible for your account.

It goes without saying that you should also have protection against cyberattacks on the devices that you use. This could assist in minimising the amount of damage that can be caused by a phishing attack.

This should include keeping your antivirus software up to date with the most recent version and any feature updates that may be released. In addition to this, you need to make sure that the most recent available updates are installed on your personal computer as well as any other devices you use, such as mobile phones or Internet of Things devices like Amazon Alexa.

Use a unique password for each of your online accounts, including your email account, whenever it’s possible. Be sure that your passwords are difficult to guess, that they are not written down anywhere that could lead to their theft, and that they are both of these things. Along with your password, you are strongly encouraged to make use of two-factor authentication whenever it is an option. This type of authentication may involve the use of confirmation codes that are sent to your mobile number during the login process. Because of this, it will be much more difficult for hackers to gain access to your accounts.

Keep in mind that cybercriminals can look online for hints and information about your passwords, secret answers, date of birth, and even more information about you. It is important to exercise caution when it comes to the amount of personal information you share on social media platforms and who has access to that information. You can lower the amount of risk you expose yourself to by adjusting the privacy settings on social networking sites.


About Mustard IT, your security partner

Mustard IT is a trusted team, experienced in security and able to explain complex issues to you in a language you’ll understand. Contact us today to find out how we can help you.