DocuSign is a company that provides technology for transmitting contracts and other documents with features for electronic signatures. DocuSign is used by many businesses. Recently, the security vendor Avanan discovered an increasing number of scams in which phony DocuSign messages are being used to send malware-infected links and phishing links that lure people into providing personal information that is used for identity theft purposes.
I described such a scam to you last May when I received a phishing email, reproduced below, that purported to be sent by my landlord in regard to a change in the terms of my lease that required my immediate attention. The phishing email prompted me to click on a link to open a document that needed my signature. The phishing email looked very professional, contained the DocuSign logo and appeared legitimate. However, the email address of the sender was one totally unrelated to either DocuSign or anyone with whom I do business. Most likely it was the email address of someone whose email account had been hacked and made a part of a botnet used by the cybercriminal to send out large numbers of these emails. Additionally, I do not rent any real estate, so the email couldn’t apply to me. Scammers send these emails out in large numbers hoping that many people who do rent their homes will be lured into clicking on the link.
This phishing email was designed to lure the person receiving it into clicking on the link and either providing personal information that could be used for identity theft or, as was more likely in this particular phishing attempt, downloading malware such as ransomware or keystroke logging malware onto his or her computer merely by clicking on the link. Keystroke logging malware would have enabled the cybercriminal to steal all of the personal information from the computer and make that person a victim of identity theft. I removed the link from the email displayed below.
In this case, I actually followed my own advice never to click on a link, regardless of how legitimate the email or text message may appear, until confirming that the message is legitimate. Here I didn’t even need to confirm that it was not legitimate because of the telltale evidence of the email address of the sender and the fact that I do not have any leases.
The lesson here is clear. You can never be sure when you receive an email as to who is really contacting you. Sometimes it is obvious, because the email address of the sender does not correspond to who is represented as sending the email, but other times the email account of someone or some company you trust could have been hacked and used to send you the malware. Therefore you should never click on a link or download an attachment in an email until you have absolutely and independently confirmed that it is legitimate.