Phishing attempts
-
Hello everyone,
Has anyone else noticed an increase in these types of emails after using DocuSeal for a while? I've been receiving emails that mimic the DocuSeal URL and are being sent to email addresses that we use to log into DocuSeal."
-
Nor me but I only use the package occasionally
-
Isn't the email from DocuSign ? Says so in the powered by footer.
To answer your original question though, we haven't received any emails like above, if that's a data point.
@girish said in Phishing attempts:
DocuSign
Yeah, this doesn't appear to be spoofing DocuSeal at all as it only mentions DocuSign
-
Hello everyone,
Has anyone else noticed an increase in these types of emails after using DocuSeal for a while? I've been receiving emails that mimic the DocuSeal URL and are being sent to email addresses that we use to log into DocuSeal."
@jfrere Did you click on it? Maybe it's a genuine case from one of your customers or suppliers? If not, it is almost certainly a phishing mail.
Let's have a look at the docusigns websiteDocuSign | #1 in Electronic Signature and Contract Lifecycle
#1 is often the target of phishing -
What do the email headers say?
-
I typically check the links - doesn't matter what icons or branding used - links on buttons etc will normally be the giveaway
-
Thank you for your replies. The e-mail subject was forged to copy the domain name we use for DocuSeal, and the recipient e-mail address was the one we use to log in.
There was this image and also a link to a spammy website. I think there might be a way to access some data inside the DocuSeal instance, and use it to forge e-mails.
That's just my guess. -
Hello everyone,
Has anyone else noticed an increase in these types of emails after using DocuSeal for a while? I've been receiving emails that mimic the DocuSeal URL and are being sent to email addresses that we use to log into DocuSeal."
-
@murgero sure. But my message was more about a possible flaw in DocuSeal that would allow access to some information.
@jfrere No, this is a common scam email to get you to click a link and put login information into a fake login page. It's not an exploit, it likely wasn't sent from docuseal or docusign's domains either.
It's totally common, and nothing to worry about so long as you don't click the links in the email and put in your real login info
You can move it to spam for learning or even just delete it and you'll be safe
