Malicious email campaign uses fake DocuSign messages to exfiltrate login credentials

SiliconAngle reports that more than 10,000 users across various organizations have been targeted by a new phishing email campaign using fake DocuSign messages to facilitate login credential theft. A new report from researchers at Armorblox Inc. today warns of a recent malicious email campaign that attempted to trick users into believing the emails were from DocuSign Inc. to steal sensitive login credentials. The emails appear to be legitimate communication from DocuSign, with the sender name manipulated to say Docusign. However, the email address and domain had no association with the company.

DocuSign is one of the most impersonated brands when it comes to phishing emails and fake login forms are a scammer’s favourite. When created well and sent in a timely fashion that fits with a victim’s narrative it can be a recipe for disaster if payment details are compromised. Brand impersonation casts a net far and wide in the hope of being caught up in a believable narrative that gains quick and simple manipulation. Phishing attacks will always continue to follow brands that are well known as they often come with a higher chance of the victim owning one of the chosen accounts. Worldwide brands will also be more successful being able to cross borders with the same phishing campaigns. Stealing data remains big business but such phishing emails which could be suspicious can be avoided by analysing any email for spelling mistakes and double checking the sender address before taking any action as well as verifying the sender before clicking on links or attachments.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s