DocuSign Phishing Email Alert: Docusign Send You A File For Your Sign And Approval

docusign phishing email example

Take note of this new DocuSign Phishing email containing a “DocuSign-themed message” that is linking to bafybeicpq3yyok3y4na5uszhzoszznzp2cljunwdi7h7mfeod5i3zc33ye.ipfs.dweb.link.

The message which has the subject “DocuSign send you a file for your sign and approval” is sent from the email address [email protected], which doubles as the Reply-To address. The email claims to contain an Invoice that one is supposed to see by clicking on the SEE DOCUMENT link that leads to https://bafybeicpq3yyok3y4na5uszhzoszznzp2cljunwdi7h7mfeod5i3zc33ye.ipfs.dweb.link/?filename=contract999.htm#[email protected], similar to the order refund scam.

On the link, you are required to input the password of your account in order to prove that you are not a robot, before reviewing and acting on the document.

DocuSign Phishing Email Example

docusign phishing 2023
Dear [email protected],

Please sign this invoice
This is an automatically created invoice for [email protected]
This note holds a secure link to Docu Sign. Please do not share this code with anybody. Other Signing Method
Visit DocuSign, click on ‘Access Documents’, and enter your email password About DocuSign
Sign invoice in just minutes. It is safe. Whether you’re at work, at home or even across the globe — Our service provides a professional solution for Digital Operations Management. Questions regarding the document?
In case you need to modify an invoice or have concerns about the details in the document, contact the sender directly.

If you cannot sign the document, please see the Help page on our Support Center.
  This message was sent to [email protected] by DocuSign Electronic Signature Service.

How Can You Tell A Fake DocuSign Email?

whois dweb.link
  • The sender does not address the recipient by name, but rather by Email
  • The SEE DOCUMENT link leads to a dweb.link domain whose whois data is redacted
  • All other links except the dweb.link domain are not active
  • The email is delivered to the Gmail spam folder
  • The email comes unexpectedly, with no linkage between the claimed document and the recipient.
  • One is required to input their password in the name of proving they are a robot, which is very risky
  • The document is external to the real website.

Final Word

If you receive such an email, it is recommended you delete it and ignore it. Don’t click on any links unless you prove that it is a legit document. You can do so by sending an email to [email protected]. You can also refer here for more tips to avoid falling victim.


Discover more from Thekonsulthub.com

Subscribe to get the latest posts sent to your email.