How to Identify Legitimate DocuSign Emails
According to
DocuSign, there are a few things to look for when identifying if an email is really coming from them. DocuSign customer envelope emails will always come from a “docusign.net” email. Additionally, most will contain a 32-character security code in the bottom portion of the email under the “Alternate Signing Method” section.
DocuSign’s website also states that on most of their emails, you’ll find a link that takes you to their official website to review your document. If you hover your mouse over the link in the email, without clicking on it, you can look at the URL. Legitimate DocuSign URLs begin with “https://www.docusign.net.” You may also see other prefixes from their server destinations, like:
One example of this could be “https://na4.docusign.net.” This means, if you hover over the link in an email you received and a different web address appears, it may be a phishing link.
How to Identify Recent DocuSign Scam Emails
The recent DocuSign scam emails reference technical support. Many are coming from an “outlook.com” email domain. You may also see subject lines like:
- MS Office 365
- Windows Defender purchased order
- Order successfully
- Complete with DocuSign: Bot Content (90).html
- Fire wall protection order successfully placed
If you use DocuSign at your business, it’s important to share this information with your employees so they can identify and report a phishing email.
If your business identifies a potential scam email from DocuSign, you should
report it immediately. Here’s how you can report it to DocuSign:
- Click “report this email” under the “stop receiving this email” section at the bottom of the email you received.
- This link brings you to the “report abuse” form where you can report illegal activity and fraud.
- Select “I believe this is fraudulent or contains illegal content” and click “Continue.” This will take you to the DocuSign portal, where you can file a report online. The portal can also be accessed directly.
- Once you’re in the portal, you can follow the prompts and provide details that DocuSign can investigate.
Information You’ll Need to Provide DocuSign for an Investigation
Once you’ve reported the scam email inside
DocuSign’s portal, you’ll be asked to provide information, like your:
- Full name
- Contact information
- Envelope ID or security code
- Supporting documents like screenshots
- Customer/sender name (business/individual) and email address
- Any other known customer/sender identifiers (physical address, phone number)
- Description of the incident
- Other relevant information
In addition to the DocuSign scam, it’s also important to watch out for these common scams and
cyber attacks that target small businesses:
- Ransomware: This involves scammers sending a link to your small business via email that freezes up your computer system, when it’s clicked on. This type of attack is called ransomware because the scammer will then demand a ransom payment so you can regain access to your computer system/files again.
- Fake invoices: You or your employees receive an invoice in the mail and pay it not realizing it’s a fake vendor. These invoices are often for everyday items like office supplies.
