Cybercriminals are employing increasingly sophisticated tactics to defraud unsuspecting individuals, with the latest scam involving the misuse of DocuSign’s API. In this scheme, scammers leverage DocuSign’s trusted email service to send fraudulent messages that appear to originate from reputable companies like PayPal.
How the Scam Works
Attackers create DocuSign accounts and use its built-in templates to send fake invoices and notifications. These messages are designed to look like legitimate PayPal communications, often informing recipients of unauthorized transactions or suspicious activity on their accounts.
Because these emails originate from DocuSign’s official domain, they easily bypass security filters and appear credible to recipients. The messages typically urge users to take immediate action, such as clicking a link or calling a support number, leading to potential financial loss or personal data theft.
Examples of the Scam
Many users have reported receiving fraudulent DocuSign emails claiming they have made unauthorized PayPal transactions, particularly involving cryptocurrency purchases. These scams rely on creating a sense of urgency, prompting recipients to react quickly without verifying the legitimacy of the message.
How to Protect Yourself
To avoid falling victim to this scam, follow these precautions:
- Verify the Sender: Always check the sender’s email address carefully. While the emails may come from DocuSign’s domain, look for signs of phishing, such as unexpected requests for personal or financial information.
- Avoid Clicking Links or Calling Provided Numbers: Instead of following the instructions in the email, log in to your account manually by entering the official website’s URL.
- Report Suspicious Activity: If you receive a suspicious email, report it to the company being impersonated and to DocuSign, helping them take action against fraudulent accounts.
By staying vigilant and following these safety measures, individuals and businesses can reduce the risk of falling victim to this advanced phishing scheme.