Docusign invoice for Brandon Ford alert
It has come to our attention that a malicious phishing email has been sent out with the sender name "Brandon Ford via Docusign" stating that your invoice is ready to be viewed. This email is not from, nor in any way related, to Brandon Ford. We strongly recommend that if you receive this email that you do not click on any link (attachment) and immediately delete it. We also want to assure our customers that these emails are not the result of any data breach, but rather a random targeting. It is also recommended that if you have received one of these emails through your work computer system that you contact your employer's IT department to inform them of the malicious content.
Below is statement issued by Docusign that can also be viewed here: https://www.docusign.com/blog/docusign-update-recent-phishing-attack/
"Last week and again this morning, DocuSign detected an increase in phishing emails sent to some of our customers and users – and we posted alerts here on the DocuSign Trust Site<https://www.docusign.com/trust> and in social media. The emails “spoofed” the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when clicked, installs malicious software. As part of our process in response to phishing incidents, we confirmed that DocuSign’s core eSignature service, envelopes and customer documents remain secure.
However, as part of our ongoing investigation, today we confirmed that a malicious third party had gained temporary access to a separate, non-core system that allows us to communicate service-related announcements to users via email. A complete forensic analysis has confirmed that only email addresses were accessed; no names, physical addresses, passwords, social security numbers, credit card data or other information was accessed. No content or any customer documents sent through DocuSign’s eSignature system was accessed; and DocuSign’s core eSignature service, envelopes and customer documents and data remain secure.
We took immediate action to prohibit unauthorized access to this system, we have put further security controls in place, and are working with law enforcement agencies. Out of an abundance of caution as a trusted brand and to protect you from any further phishing attacks against your email, we’re alerting you and recommend taking the following steps to ensure the security of your email and systems:
· Delete any emails with the subject line, “Completed: [domain name] – Wire transfer for recipient-name Document Ready for Signature” and “Completed [domain name/email address] – Accounting Invoice [Number] Document Ready for Signature”. These emails are not from DocuSign. They were sent by a malicious third party and contain a link to malware spam.
· Forward any suspicious emails related to DocuSign to email@example.com, and then delete them from your computer. They may appear suspicious because you don’t recognize the sender, weren’t expecting a document to sign, contain misspellings (like “docusgn.com” without an ‘i’ or @docus.com), contain an attachment, or direct you to a link that starts with anything other than https://www.docusign.com<https://www.docusign.com/> or https://www.docusign.net<https://www.docusign.net/>.
· Ensure your anti-virus software is enabled and up to date.
· Review our whitepaper on phishing available at https://trust.docusign.com/static/downloads/Combating_Phishing_WP_05082017.pdf
Your trust and the security of your transactions, documents and data are our top priority. The DocuSign eSignature system remains secure, and you and your customers may continue to transact business through DocuSign with trust and confidence.
For updates and more information, please visit the DocuSign Trust Site<https://www.docusign.com/trust> where we will post any new information when it becomes available. If you have any questions, please firstname.lastname@example.org or call +1-800-379-9973."