Skip to main content
arrow-left Back to Docusign.com
Solved

Microsoft quarantining "dangerous" emails from docusign.net

  • May 23, 2024
  • 7 replies
  • 22484 views
N
New Voice
Forum|alt.badge.img+2

I am a security admin for our Microsoft 365 account. Today all emails from dse_na4@docusign.net are being stripped and held due to “containing malicious URL”. These emails appear to be legit. They are related to envelopes actively in the signing process, and we have verified that the document activity attached matches what we see when logging directly in via DocuSign.com. When browsing directly to www.docusign.net, our browsers are also flagging docusign.net as a dangerous/malicious website. The combination of MS and browsers flagging as dangerous has us concerned, and we have asked our users to pause use of DocuSign momentarily until we can confirm.

Is there any currently known active threat that is being managed on the docusign.net domain?

Thanks!

Best answer by nathaly.monge

Hello @NorCalTim@ScoutClinical@ColinGray and @Michael Minnis 

Welcome to the Docusign Community and thank you for posting your concerns!

I’m sorry to hear all of your unfortunate experience regarding the URLs being received. I understand that due to this, it is flagging the emails as dangerous.

At Docusign, we take security seriously, and we value our user community's role in helping us maintain the highest standards. To ensure a secure experience for all, we encourage our users to learn how to identify and report potential security concerns effectively. Visit this support article (https://www.docusign.com/trust/security/incident-reporting) to discover the best practices for spotting potential vulnerabilities and reporting them to our dedicated security team. By working together, we can ensure the ongoing safety and reliability of Docusign for everyone.

Let us know if you need further assistance with this.

Best regards,

Nathaly | Docusign Community Moderator
"Select as Best" below if you find the answer a valid solution to your issue!

S
Michael Minnis

7 replies

D
Hero
Forum|alt.badge.img+15

@NorCalTim There are a few URLs I would recommend to lookup current Instance issues and overall Security type concerns:

https://status.docusign.com/

https://www.docusign.com/trust/alerts

On the Alerts site there is some indication that a new SSL Cert is available for NA4 but not sure that would cause issues unless the Cert had expired on your side.  

Last I would suggest creating a DocuSign case to determine if there are any other concerns that might indicate an issue either internally or on the DocuSign side.

N
New Voice
Forum|alt.badge.img+2
  • NorCalTimNew Voice
  • Author
  • New Voice
  • May 23, 2024

Thank you, that makes sense. I did also create a support ticket and they have offered advice regarding MS Defender settings. I appreciate the quick reply!

S
Newcomer
Forum|alt.badge.img+1

Same issue affecting our organization.  What settings did they offer for Defender?  

C
Newcomer
Forum|alt.badge.img+1
  • ColinGrayNewcomer
  • Newcomer
  • May 28, 2024

@NorCalTim 

Can you post the details they sent you Sir?

Michael Minnis
Newcomer
Forum|alt.badge.img+1

This has been occurring for us as of 5/13/24 for DSE-NA3 and NA4 and has significantly affected our normal operation. Will be taking this up with them, for now I have had to create manual entries to allow these.

 

 

Michael Minnis Systems Administrator Website | LinkedIn
N
Community Moderator
Forum|alt.badge.img+17
  • nathaly.mongeCommunity Moderator
  • Community Moderator
  • Answer
  • July 29, 2024

Hello @NorCalTim@ScoutClinical@ColinGray and @Michael Minnis 

Welcome to the Docusign Community and thank you for posting your concerns!

I’m sorry to hear all of your unfortunate experience regarding the URLs being received. I understand that due to this, it is flagging the emails as dangerous.

At Docusign, we take security seriously, and we value our user community's role in helping us maintain the highest standards. To ensure a secure experience for all, we encourage our users to learn how to identify and report potential security concerns effectively. Visit this support article (https://www.docusign.com/trust/security/incident-reporting) to discover the best practices for spotting potential vulnerabilities and reporting them to our dedicated security team. By working together, we can ensure the ongoing safety and reliability of Docusign for everyone.

Let us know if you need further assistance with this.

Best regards,

Nathaly | Docusign Community Moderator
"Select as Best" below if you find the answer a valid solution to your issue!

T
Newcomer
Forum|alt.badge.img+1
  • TarundugNewcomer
  • Newcomer
  • December 4, 2024

Hi Team,

We have received an email from dse_NA3@docusign.net which contains a malicious url which redirecting to fake Microsoft page and asking for credentials, I feeling like it's a credential harvesting. Kindly let us know whether the sender address is legit and official email address of docusign or not. 

Code of ConductAccessibility statement

Docusign Community

Code of Conduct