Once again, hackers have hit a high profile target. Recently, a customer email database of DocuSign, the company that allows companies to electronically sign documents, was compromised. Luckily, the bad guys were only able to pilfer email addresses. Sadly, this is still enough information for these criminals to start sending phishing emails that look exactly like the legitimate DocuSign communications.
If a user falls for the attack, they are tricked into opening an attached Word file and clicking a button to enable editing.If a user does click to edit, malware may be installed on their workstation. Be wary of any emails that appear to be from DocuSign and have an attachment. It is ALWAYS a good practice to pick up the phone and verify before you electronically sign any DocuSign email.
Please contact us if you have any questions relating to this or any other security related topic.
Remember, Think before you Click!