Security Alert: Phishing with fake DocuSign

Please think before you click. This afternoon, I received a message from a person I know well, but the message was out of character. Since she is a partner in a well-known and respected architectural firm in Seattle, I responded to her message indicating to her that I thought she had sent this to me by mistake.


I got back, almost instantly a message indicating it was a document she wanted me to review.


The response message was also a bit suspicious because once again, there was no personalization. So I called her. She was out for the afternoon, but the receptionist asked me if I got an email from her and then let me know that her email had been hacked and their IT guy was working on it.

The entire message thread is shown below:

Many business people recognize DocuSign as a respected way to legally sign documents and is a 100% legitimate and security conscious company. The combination of the well-respected firm, a known relationship, and DocuSign, nearly caused me to click the link


I checked the header of the messages sent, and these messages were not spoofed but sent from her actual Office365 email account. The fact that her IT department was working on it, while the perpetrator was still responding to messages was my biggest concern. Cyber security is a job for all of us.


If you have not already done so, please review the steps you should take WHEN you find out your email has been hacked. And share this with all of your employees and customers. In this case, the first and most important step was not taken.


About the Author PFP-Admin

Leave a Comment: