“DocuSign or DocuScam? PhishQueue to the rescue”
What’s Going On?
Cybercriminals are using fake DocuSign notifications to trick people into clicking links that lead to harmful outcomes. These emails appear to be legitimate requests to review or sign a document. When users click the link, they are taken to a fake page that may ask for login information or prompt them to download malicious files.
Because many people use DocuSign for legitimate business, these messages can appear trustworthy and urgent.
Attackers can silently take over trusted email accounts, hide their activity, and spread phishing internally, turning one mistake into a widespread breach.
Sources: Advance Phishing Scams Leveraging Notifications
The safest response is simple. Do not guess, submit it.
If you receive an unexpected DocuSign request, use the PhishQueue Report Phish button immediately.
Remember: PhishQueue will analyze the message and confirm whether it is legitimate or malicious.
New Phishing Attack Impersonate as DocuSign Deploys Stealthy Malware on Windows Systems
Example: New phishing campaign impersonates DocuSign emails to trick users into downloading malware through an access-code protected, multi-stage infection chain designed to evade automated detection.
DocuSign “Document Review Notification” Email Scam Explained
Example: This scam impersonates a legitimate DocuSign “Document Review” email to trick users into clicking a fake link that redirects to a spoofed Gmail login page, where attackers steal email credentials.
Threat Actors Deploy Fake DocuSign Notifications to Harvest Corporate Data
Example: Cybercriminals are increasingly exploiting DocuSign’s trusted brand and massive global user base through sophisticated phishing campaigns.
Cybercrime is ever-evolving.
Protect yourself with PhishQueue.
Why do attackers love fake DocuSign emails?
Because people see “Please sign” and forget to read.
Cybersecurity is serious, but staying informed does not have to be dull!
Stay vigilant,
The PhishQueue Team