Phishing attempts
-
Nor me but I only use the package occasionally
-
@girish said in Phishing attempts:
DocuSign
Yeah, this doesn't appear to be spoofing DocuSeal at all as it only mentions DocuSign
-
@jfrere Did you click on it? Maybe it's a genuine case from one of your customers or suppliers? If not, it is almost certainly a phishing mail.
Let's have a look at the docusigns websiteDocuSign | #1 in Electronic Signature and Contract Lifecycle
#1 is often the target of phishing -
What do the email headers say?
-
I typically check the links - doesn't matter what icons or branding used - links on buttons etc will normally be the giveaway
-
Thank you for your replies. The e-mail subject was forged to copy the domain name we use for DocuSeal, and the recipient e-mail address was the one we use to log in.
There was this image and also a link to a spammy website. I think there might be a way to access some data inside the DocuSeal instance, and use it to forge e-mails.
That's just my guess. -
@jfrere No, this is a common scam email to get you to click a link and put login information into a fake login page. It's not an exploit, it likely wasn't sent from docuseal or docusign's domains either.
It's totally common, and nothing to worry about so long as you don't click the links in the email and put in your real login info You can move it to spam for learning or even just delete it and you'll be safe