DocuSign's email list was breached, and we expect several spoofed messages using familiar-sounding domain names. South Bay CU was a previous client of DocuSign, and because DocuSign is so widely used, we wanted to share the announcement details as a courtesy. DocuSign has confirmed that the breach did not affect signers of documents using DocuSign, only those that had a specific DocuSign account.
Also note that SBCU has switched to eDOC’s eDOCSignature solution and doesn’t use DocuSign for business purposes.
Please see the information below provided by DocuSign. Additional information can be found on their website using the links below.
Message from DocuSign
Check out the company’s Trust Center for more information. Its security staff has implemented a plan to secure its systems and has notified law enforcement. In the meantime, it offered up some steps to take to further ensure you are not affected. Here are those steps directly from DocuSign’s Trust Center:
- Delete any emails with the subject line, “Completed: [domain name] — Wire transfer for recipient-name Document Ready for Signature” and “Completed [domain name/email address] — Accounting Invoice [Number] Document Ready for Signature.” These emails are not from DocuSign. They were sent by a malicious third party and contain a link to malware spam.
- Forward any suspicious emails related to DocuSign to email@example.com, and then delete them from your computer.
- They may appear suspicious because you don’t recognize the sender or weren’t expecting a document to sign, or because they contain misspellings (like “docusgn.com” without an ‘i’ or @docus.com), contain an attachment, or direct you to a link that starts with anything other than https://www.docusign.com or https://www.docusign.net.
- Ensure your antivirus software is enabled and up to date.
- Review DocuSign’s whitepaper on phishing.
The usual tactics for avoiding phishing attacks apply as well. Never open attachments unless you know exactly who sent them and why, and don’t click on links in emails unless the address is valid and trusted. Make sure your browser is up to date and check that a site looks legitimate before entering any personal information.
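The checks in DocuSign's list above can be automated for a mail triage script. The following is an added example, not code from DocuSign or SBCU: the function names and the sample message are constructed for illustration, while the allowed hosts, look-alike domains and subject wording come from the guidance above. It parses each link instead of comparing prefixes, because a plain "starts with https://www.docusign.com" test also accepts hosts that merely begin with that name.

```python
import re
from urllib.parse import urlsplit

# Values taken from the DocuSign guidance quoted above.
ALLOWED_HOSTS = {"www.docusign.com", "www.docusign.net"}
LOOKALIKE_SENDER_DOMAINS = {"docusgn.com", "docus.com"}
SUBJECT_MARKERS = ("Wire transfer for", "Accounting Invoice")
SUBJECT_SUFFIX = "Document Ready for Signature"

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def link_is_trusted(url):
    """True only for an https link whose host is exactly an allowed host.

    Parsing the URL avoids the trap of a plain prefix comparison, which
    accepts hosts that merely begin with the trusted name.
    """
    try:
        parts = urlsplit(url.strip())
        host, port = parts.hostname, parts.port
    except ValueError:  # malformed port or bracketed host
        return False
    if parts.scheme != "https" or host is None:
        return False
    if parts.username is not None or port not in (None, 443):
        return False  # userinfo before '@' or an unusual port
    return host.rstrip(".") in ALLOWED_HOSTS


def review_message(sender, subject, body):
    """Return the reasons a message looks suspicious (empty list if none)."""
    reasons = []
    domain = sender.rsplit("@", 1)[-1].strip(" >").lower()
    if domain in LOOKALIKE_SENDER_DOMAINS:
        reasons.append("look-alike sender domain: " + domain)
    if (subject.startswith("Completed") and subject.endswith(SUBJECT_SUFFIX)
            and any(marker in subject for marker in SUBJECT_MARKERS)):
        reasons.append("subject matches the reported malicious emails")
    for url in URL_RE.findall(body):
        if not link_is_trusted(url):
            reasons.append("link outside docusign.com/.net: " + url)
    return reasons


# Constructed sample message (not a real captured email).
SAMPLE = review_message(
    "DocuSign <dse@docus.com>",
    "Completed: example.org - Wire transfer for jdoe Document Ready for Signature",
    "Review here: https://www.docusign.com.billing.example/doc",
)
```

A message that passes these checks is not proven safe; the list only covers the indicators named in the guidance.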