top of page

DocuSign scam surge now hitting inboxes


Docusign Scam
DocuSign Scam

Happy Friday my friend,


Did you know that a lot of scammers are... lazy? It's true. They want to put in the least amount of effort needed to blackmail and steal from companies.


And it just got easier. Over the past month, researchers from Abnormal Security have tracked a significant increase in phishing attacks designed to mimic legitimate Docusign requests. They traced these new templates to a handful of seedy Russian hacking forums where criminals can buy a fresh template for Docusign, Amazon, PayPal, and more for as little as $10.


Wondering what they do with these templates? They email them to you and look so convincing that they're hard to tell apart from the real thing. After all, after seeing so many of these (real) DocuSign requests, we know what they look like. They've got the blue background, the 'Docusign' logo, and that characteristic look and feel. Most people are somewhat conditioned to see it, click it and go into autopilot.


But that's bad. Criminals can use these phishing emails to harvest personally identifying information (PII), or send victims to fake login pages to submit their real Docusign login credentials. They can then leverage the data they obtain, or more likely, sell it on to the next buyer in the food chain to repeat the process. How can you break this vicious cycle?


The Takeaway


To protect yourself from falling victim to Docusign phishing scams, keep an eye out for these 5 key indicators:


1) Check the sender's email address: Authentic Docusign emails always originate from the domain. Be wary of generic greetings or incorrect spelling and grammar.


2) Watch out for impersonal greetings: Phishing emails frequently use generic salutations, whereas legitimate Docusign emails address you by name.


3) Verify the security code format: Docusign security codes are long and complex, like EA66FBAC95CF4117A479D27AFB9A85F01. Short or simple codes likely indicate a phishing attempt.


4) Inspect links before clicking: Hover over links to see their destination URLs. Genuine Docusign links go directly to Be wary of emails that include Google Docs/Drive links or attachments.


5) Use Docusign's secure document access: Instead of clicking links in suspicious emails, go directly to, click "Access Documents," and enter the security code provided at the bottom of Docusign email.


I get it - we're all busy. But when in doubt, the safest bet is to just pick up the phone and say: "Hey, I just got this email from you. Is it legit?"


Stay safe out there.



PS. Check out our short video on our presentation at this year's Hotel & Restaurant Show where we did a live lock picking demonstration:

New Friday Funnies

How does a tree get on the internet?

 It logs on.


bottom of page