January 28th, 2013

Beware of Malware Emails Claiming to Be from DocuSign

DocuSign, SMCU’s electronic document provider, has notified us that they have been made aware of several malware spam emails that claim to come from DocuSign. These emails may include links that could expose the recipient to malware viruses.

If you receive a suspicious email from DocuSign that you believe to be fraudulent, please notify the DocuSign security team by forwarding the email to ‘spam@docusign.com’. Do not click on any of the links in the email.

The full text of the DocuSign alert, including a screen shot of the fraudulent email, appears below.

SMCU and DocuSign are dedicated to protecting your personal financial information and to helping you remain secure when conducting financial transactions online.


Malware Spam Alert 1/24/2013

At 8:40AM PST this morning, 1/24/2013, DocuSign became aware of new malware spam emails that are being sent as if it was coming from the DocuSign service. An example follows immediately below. These emails are not coming from DocuSign and you should not click on any links or attachments therein. They are coming from an unrelated, malicious third party attempting to copy DocuSign’s email branding in the hopes of fooling recipients into opening the email and clicking on links and/or attachments. Within this latest round of malware spam email attacks, the links included within the emails ARE NOT safe, secure links to the DocuSign service. As a recipient, you can recognize safe, secure DocuSign links by hovering your mouse over them before you click on them to ensure that they start with: https://www.docusign.com or https://www.docusign.net.

Any other links within emails made to look like DocuSign system emails are unsecure and unsafe. DO NOT CLICK these links. Examples of unsecure and unsafe links that we have seen in malware spam emails to date include (but are not limited to):

  • http://www.lichtblick-optik.de
  • http://www.xeniastudio.hu/abridged/index.html
  • http://kozmetikapecel.hu/boxed/index.html
  • http://www.crofthandyreflexology.co.uk/klansman/index.html
  • http://kesharie.eu/treatable/index.html
  • http://superpowerfruits.com/fiddles/index.html
  • http://unterwegsinfrankreich.medianewsonline.com/sulkiest/index.html

If you believe you received malware spam email, please forward the email to ‘spam@docusign.com’ and then immediately delete it from your system. More information on this and other malicious malware spam email attacks – including a screen shot of the spoof email – can be found on the DocuSign web site at https://www.docusign.com/spam.

DocuSign spam

Comments are closed.