At Broadtek, we strive to keep our customers aware of all potential phishing attacks in the news. This week we are looking at the DocuSign attack.
DocuSign has admitted they were the victim of a data breach that has led to massive phishing attacks using exfiltrated DocuSign information.
They discovered the data breach on May 9, 15, and 17 when DocuSign customers were being targeted with phishing campaigns. They are now advising customers to filter or delete any emails with specific subject lines. We are not going to repeat them here, because this newsletter may be filtered out. However, you can see them on the KnowBe4 blog: https://blog.knowbe4.com/scam-of-the-week-docusign-phishing-attacks
The campaigns all have Word documents as attachments and use social engineering to trick users into activating Word’s macro feature, which will download and install malware on the user’s workstation. DocuSign warned that it is highly likely there will be more campaigns in the future.
We suggest you send the following to your employees. You’re welcome to copy, paste, and/or edit:
“Hackers have stolen the customer email database of DocuSign, the company that allows organizations to electronically sign documents. These criminals are now sending phishing emails that look exactly like the real DocuSign emails, but they try to trick you into opening an attached Word file and clicking to enable editing.
But if you do that, malware may be installed on your workstation. So if you get emails that look like they came from DocuSign and have an attachment, be very careful. If there is any doubt, pick up the phone and verify before you electronically sign any DocuSign email. Remember: Think Before You Click.”
This article was written by Stu Sjouwerman, Founder and CEO of KnowBe4, Inc.
If you would like to learn more about KnowBe4 and how it can protect your business from phishing and malware attacks, call your Broadtek Account Representative or email firstname.lastname@example.org.
The Broadtek Team