If your company uses DocuSign for electronically-signed documents, we urge that if you receive an email from DocuSign, be vigilant and ensure that it is legitimate.How can you protect yourself from an attack?
- Verify the hyperlink. Do not click on the link in the email. Instead, go to docusign.com and enter the unique security code included at the bottom of every legitimate DocuSign email.
- Verify that the email address of the sender is correct and not missing a letter, or that it is not some variation of the name or domain
- If you are not expecting the email, contact the sender via another method (by phone or in person) to verify they sent the request to you.
- Watch for and delete any emails with the subject line, “Completed: [domain name] – Wire transfer for recipient-name Document Ready for Signature” and “Completed [domain name/email address] – Accounting Invoice [Number] Document Ready for Signature.”
These emails are not from DocuSign; they are sent by cybercriminals and contain a link to malware.
DocuSign has requested that any users who receive a suspicious email forward it to email@example.com.
Your security is important to us. Please call Yeo & Yeo if you have questions or need assistance.