Skip to main content
Question

DocuSign Phishing Events

  • 1 July 2024
  • 4 replies
  • 170 views

I’m just curious as to the response time others are seeing when you send a message to spam@docusign.com.  Do you get any response other than they will look into it? If so, how long does that response take?  I asked someone to check on a case from the help desk and they indicated “Unfortunately, we dont have a way to follow up with the SPAM team. Can you try sending an email again to them or forwarding the email to them?”.  The email had already been forwarded to them.

 

My message came from dse_na4@docusign.net and the email as Universitypayrollupdate_@outlook.com but had the sender name as someone from our organization.  Since we don’t have any accounts on that server it was easy to know that it was a phishing attempt, but it does look legitimate if you don’t beware.

4 replies

N
Rank
Userlevel 4
Badge +12

Hello @Joe Chambers ,

 

Welcome to the Docusign Community and thank you for posting your concerns!

 

I’m sorry to hear that you are getting suspicious emails, we do appreciate you letting us know about these bad actors. I understand you have further questions regarding the response time of our team encharge of the spam and phishing emails.

 

For privacy reasons we do not respond to complainants with investigation status or outcomes from emails sent to that alias, you can find this information in the following article under the “Fraud” section: Docusign Legal FAQ

 

Also, the following article can go more in depth on how to spot suspicious emails: What should I do if I receive a suspicious email?

 

Let us know if you need further assistance with this.

 

Best regards,

Nathaly | Docusign Community Moderator
"Select as Best" below if you find the answer a valid solution to your issue!

J
Rank
Badge +1

While this is a solution to help prevent issues from occurring, it does not help us determine who sent the messages and how we can prevent them in the future.  This seems to be a common response that you are giving to anyone who logs a phishing ticket.  

 

Does DocuSign have a policy regarding phishing and if so, what happens to user accounts found to violate the policy?  Since phishing is different from spam and more dangerous I thought I’d check.

N
Rank
Userlevel 4
Badge +12

Hello @Joe Chambers ,

 

Welcome to the Docusign Community and thank you for posting your concerns!

 

There is also the “Combating Phishing: A Proactive Approach” whitepaper available here: https://www.docusign.com/sites/default/files/docusign_combating_phishing_whitepaper.pdf

 

Please click the link for up-to-date information on how to let Security know about phishing or fraud attempts and how to identify such emails: https://www.docusign.com/trust/security/incident-reporting  

 

We do have a policy that the Fraudulent Investigation Team follows. So, there can be two kinds of attack:

 

  1. On-product attack - where a fraudster can create an account on Docusign and start sending SMS that contains phishing links. These are easy to detect (given we have proper telemetry), and we close them with the help of the Fraud Investigation team.
  2. Off-product attack - This is difficult as it happens off-product. Here, an abuser pretends (imitation) that the SMS is coming from DocuSign, and the victim clicks on the link and gets phished. For that we have Guidelines on how to detect them so that you can report them and it can be investigated properly.

 

Let us know if you need further assistance with this.

 

Best regards,

Nathaly | Docusign Community Moderator
"Select as Best" below if you find the answer a valid solution to your issue!

N
Rank
Userlevel 4
Badge +12

Hello @Joe Chambers ,


If you found my response to be a useful solution to your question, please mark it as the best answer by clicking “Select as Best” to make it easier for other users to find.


Best regards,

Nathaly | Docusign Community Moderator
"Select as Best" below if you find the answer a valid solution to your issue!

Reply


Code of Conduct