Security Boulevard

The DocuSign Email That Wasn’t – A Three-Redirect Credential Harvest

TL;DR Attackers sent a convincing DocuSign notification with a "Review & Sign" button that chained through Google Maps redirects to an Amazon S3-hosted credential harvesting page. The redirect chain ...
Forbes

DocuSign Exploit Lets Hackers Send Fake Invoices

DocuSign, Inc. is an American company providing document management services. In a recent cyber threat development discovered by the Wallarm security firm, attackers are exploiting DocuSign’s API ...
Yahoo

That Docusign Email From Apple Pay Is a Scam

Did you know you can customize Google to filter out garbage? Take these steps for better search results, including adding Lifehacker as a preferred source for tech news. If you receive an unsolicited ...
WGAL

Docusign scam resurfaces with urgent phishing emails | Do not respond directly

YOUR SIDE, CONSUMER INVESTIGATOR BRIAN ROCHE EXPLAINS HOW THIS ONE WORKS. THIS IS ONE OF THE SCAMS THAT MAY DISAPPEAR FOR A WHILE, BUT THEN IT MAKES A COMEBACK. AND OVER THE PAST MONTH, THIS ONE HAS ...
ロイター

DocuSign says hackers accessed customer email database

(Reuters) - Electronic signature service DocuSign said on Tuesday hackers had temporarily gained access to a database containing customer emails following a surge in phishing emails sent to its users.
Bleeping Computer

DocuSign's Envelopes API abused to send realistic fake invoices

Threat actors are abusing DocuSign's Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. Using a legitimate service, ...
WeLiveSecurity

Word to the wise: Beware of fake Docusign emails

Remember when you used to have to print, sign, scan, email and/or even fax every time you wanted to sign and send an official document? Today, much of the hard work is done behind the scenes by cloud ...