Hello, @LarryAZ 

You are welcome to the Docusign Community!

I'm sorry you're experiencing this issue.

Let me recommend two practical articles to help combat and protect against email Phishing:

1. https://support.docusign.com/s/articles/What-Should-I-Do-if-I-Receive-a-Suspicious-Email?language=en_US&rsc_301
   
    
2. Combating Phishing white paper:
   chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.docusign.com/sites/default/files/docusign_combating_phishing_whitepaper.pdf

I hope that helps!

Best,

Alexandre

Not much.  I’ve already been to the 1st link and my email was rejected as spam. 2d, no.  I have my own mail server and good spam filtering.  DocuSign either has a problem with phishers using their service, or well spoofed mail headers in addition to making it cumbersome to report. 

I’ve been getting those as well, and like you, I’m managing the issue. Just got this one today:

from dse AT eumail DOT docusign DOT net   <=== Dead giveaway that it’s a scam

Embedded link in the button

https://eu DOT docusign DOT net/Signing/EmailStart.aspx?a=6ad21c0b-3476-4bf2-a973-fd59e76ccad8&acct=af1c29b3-e43c-4f33-a8c1-9a84e59e528f&er=a9b23abe-d970-4430-8305-6616fd119e0b

Event the “Report this email” link points to the Dot net domain.

Not really sure where to report fraud at DocuSign though.

Hello @cmac59 and @LarryAZ  ,

Welcome to the Docusign Community and thank you for posting your concerns!

I’m sorry to hear that you are getting these emails, I understand you are suspicious of them as they can be fraudulent emails.

We appreciate you making us aware of bad actors using the DocuSign product inappropriately. Our Security teams have created an Incident Reporting guide on our Trust site. We recommend you do not click on any links from emails that are looking suspicious.

Please click the link below for up-to-date information on how to let Security know about phishing or fraud attempts: https://www.docusign.com/trust/security/incident-reporting  

There is also the “Combating Phishing: A Proactive Approach” whitepaper available here: https://www.docusign.com/sites/default/files/docusign_combating_phishing_whitepaper.pdf

Let us know if you need further assistance with this.

Best regards,

Nathaly | Docusign Community Moderator
"Select as Best" below if you find the answer a valid solution to your issue!

Link to the white paper is broken, the working link is as below
https://assets.ctfassets.net/0jnmtsdzg6p5/6SvJ0lqpwUSX50UfX8ek1l/3385810f09fc854384787073bbcdacf4/Combat-Phishing_24-08_whitepaper_EN-US.pdf

I have exactly the same problem today. Is docusign.net legit or not? Can someone from Docusign give a clear answer?

​@userPNAJ 

You may need to expand a bit more on your question - and maybe create a new post rather than adding onto the end of a ‘solved’ post. 

What is the problem you’re having? Did you get an email to sign something? If you have a DocuSign account, you can sign into your account and see if there are any documents waiting (rather than follow a suspicious link). Or you could contact the sender and ask if have sent you something.

good luck

mr1

On 2/18  I was asked to use DocuSign to sign a document with my real estate agent. One day after that on 2/19, I received three emails from domain docusign.net and title as “PayPal Customer Care via DocuSign” . These email claim that my PayPal account was used to purchase crypto currencies from Coinbase and clearly these are scams. I don’t understand how this can happen just after my using DocuSign and it raises my concern about security of your service. The most confusing part is that the sender’s domain is docusign.net.

I had the same exact thing happen to me. I got an email yesterday about unauthorized activity on my pay pal account. I don’t use pay pal  anymore. The email address I was to respond to is  dse_NA4@docusign.net . I obviously I didn’t click the link but the the domain name is concerning 

got a second one this week

We just block everything from docusign.net.  Receiving like 5 a day for the past two months. It’s obvious they are being abused and they don’t seem to care. We’ve told all our vendors not to send us anything via docusign, it will be rejected at the gateway.

Hello Team,
Thank you for alerting us to dishonest people abusing the Docusign product. Our security teams have produced an incident reporting guide on our Trust website.
For the most recent details on how to notify Security about phishing or fraud efforts, please follow the link below:
https://www.docusign.com/trust/security/incident-reporting
There is also the “Combating Phishing: A Proactive Approach” whitepaper available here: https://www.docusign.com/sites/default/files/docusign_combating_phishing_whitepaper.pdf
Feel free to let us know if you need any more help with this.

Best regards,

Jenny | Docusign Community Moderator

"Select as Best" below if you find the answer a valid solution to your issue.

Hi!
We recently prepared a video and a community post with more information about email security. Please, check it out:

Hello DocuSign Security Team,

Our organization has recently received phishing emails claiming to be from dse@docusign.net, which appear to spoof legitimate DocuSign communications. Upon investigation, we identified that the emails were sent from the malicious IP address 110.164.177.109, which is not associated with your official infrastructure.

The phishing messages attempt to lure recipients into clicking on suspicious links and may lead to credential theft or malware.

We wanted to bring this to your attention so you can take any appropriate action (e.g., domain/IP blocking, security bulletin, or legal escalation). Please let us know if you require headers or additional samples — we are happy to assist.

Thank you for your support and commitment to user safety.

Hi ​@rodrigue rib !
First of all, thank you for collecting this information and for your efforts spent on it.

We kindly ask that you send this information through our correct spam report channels, ensuring that the security team is properly notified and takes action (if necessary). Please, check out Quick Reporting Guide to know how to proceed.

Thank you!

This issue is continuing and only escalating. DocuSign needs to disable direct send in their tenant, or fully mitigate this issue through other means, because this is a real threat and they are spoofing internal communications and business flows. To the extent that DocuSigns own guidance on receiving a questionable email is to check the site to see if the document is legit. Well, the fake document shows up on the site as legitimate, even though it is clearly not. This is a major issue and needs to be resolved before trust is completely broken with this company.

Also, I followed the steps listed above and the only way I saw to get to the “report abuse” link is to create a paid account. Is that true?