Monday, May 15, 2017

DocuSign emails are stolen and are used in a phishing campaign

If you received any message from this email then be cautious. Your information has been compromised. Please do not click on the link or download any document.

Mail you might receive

"Dear Applicant~

Thank you for your interest in employment with Saicon Consultants, Inc.  We appreciate you applying for a position with our company.  Please fill out the attached voluntary documents to complete the application process." 

I kept receiving mails from HR asking me to review and sign. I got suspicious and mailed them to ask whether I had applied to them.

My reply

The response I got from them

"I show that you applied for an Application Architect/Full Stack Developer on 03/22/17.  We are just auditing our applicants to be sure we are in compliance with discrimination laws.  If you wouldn’t mind to take a few minutes to complete our survey, it would be greatly appreciated.  Any information given would be kept in confidence.  If you wish not to complete, you can decline the forms by following the link as well or simply replying to this email."

The Threat

DocuSign, the owner of eSignature, one of the most popular digital signature services, said today that a database of customer emails was breached and used in a phishing campaign that began last week.

The phishing emails were designed to look like they were sent by DocuSign and had subject lines that said “Completed: [domain name]  – Wire transfer for recipient-name Document Ready for Signature” or “Completed [domain name/email address] – Accounting Invoice [Number] Document Ready for Signature.” Word Document attachments in the emails installed malware if opened.
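A mail-triage check built from the subject lines and attachment type described above, as an added example that is not part of the original post or of DocuSign's guidance. The function names, the sample addresses and the list of Word file extensions are assumptions, and the messages it builds are constructed test data.

```python
import re
from email.message import EmailMessage

# Subject shapes quoted in the post; the bracketed parts vary per recipient.
TAIL = r" Document Ready for Signature$"
SUBJECT_PATTERNS = {
    "wire-transfer lure": re.compile(
        r"^Completed:? \S+ [\u2013-] Wire transfer for .+" + TAIL, re.I),
    "accounting-invoice lure": re.compile(
        r"^Completed:? \S+ [\u2013-] Accounting Invoice \S+" + TAIL, re.I),
}
# Assumption: "Word Document" is read as these file extensions.
WORD_EXTENSIONS = (".doc", ".docx", ".docm", ".dot", ".dotm")


def word_attachments(msg):
    """Return lower-cased filenames of attachments that look like Word files."""
    names = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(WORD_EXTENSIONS):
            names.append(name)
    return names


def triage(msg):
    """Return (verdict, reason); verdict is 'quarantine', 'review' or 'pass'."""
    # Collapse runs of whitespace so folded or double-spaced subjects still match.
    subject = " ".join(str(msg.get("Subject", "")).split())
    lure = next((k for k, rx in SUBJECT_PATTERNS.items() if rx.match(subject)), None)
    docs = word_attachments(msg)
    if lure and docs:
        return "quarantine", f"{lure} carrying {', '.join(docs)}"
    if lure:
        return "review", f"{lure} without a Word attachment"
    return "pass", "subject does not match the campaign"


def build(subject, attachment=None):
    """Build a constructed sample message (test data, not real mail)."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "user@example.org"
    msg["Subject"] = subject
    msg.set_content("Please review and sign.")
    if attachment:
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg
```

To run `triage` on saved mail, parse each `.eml` file with `email.message_from_bytes(data, policy=email.policy.default)` so that `iter_attachments()` is available.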

The company began tracking the phishing campaign on its security site on May 9, though it was not until today that it confirmed its email list had been stolen.

In today’s post, DocuSign said its eSignature service, envelopes, and customer documents remain secure, but that hackers were able to access customer emails through a “non-core” system that the company uses to send service-related announcements. DocuSign added that only emails were stolen and other sensitive information, including names, physical addresses, passwords, social security numbers, credit card data, and documents sent through the eSignature system, were not accessed.

DocuSign said it has put more security measures in place and contacted law enforcement agencies. It listed several steps customers should take to protect themselves, including forwarding suspicious emails to before deleting them from their computers, updating anti-virus software, and reading DocuSign’s white paper on phishing.

Please share this information.
