The week of May 15, DocuSign detected an increase in phishing emails sent to some customers and users. The emails "spoofed" the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when opened, installs malicious software.
A complete forensic analysis confirmed that only a list of email addresses was accessed—no names, physical addresses, passwords, social security numbers, credit card data or other information. No content or customer documents sent through DocuSign's e-signature system was accessed. DocuSign's core e-signature service, envelopes and customer documents and data remain secure.
As DocuSign continues to assess the depth of the breach, visit the DocuSign Trust Center for more information and updates.
The internet is a critical component for your business to operate on the DocuSign Global Network. Those committing fraud seek to take advantage of this trusted relationship for illegal purposes. DocuSign continuously monitors for such activity in order to help safeguard customer information, documents and data. You are the first and best layer of defense in combating online fraud. Learning to properly detect and avoid online and email scams is the ultimate protection against fraud. Here are a few resources to get you started:
You can also check out the materials in the Trust Center to help your employees, customers or customers' customers protect themselves from phishing attacks. Email DocuSign or call 800-379-9973 with any additional questions.
Mitchell & Mitchell uses DocuSign as an e-signature service. If your agent hasn't already sent you documents via DocuSign, email us today letting us know you want to do business electronically!