The DocuSign Desperado: What You Need To Know
Our team has come across a slew of phishing attacks designed to steal your email credentials. We’re calling one particular scam “The DocuSign Desperado.” Here’s what you need to know to protect yourself – and your business.
Friend or Foe?
The DocuSign Desperado tries to get your credentials by sending an email that appears to be from one of your friends or business contacts. The email will say that the sender has a DocuSign or Dropbox file for you to review. There will be a link to the file, and you’ll be asked to click the link to review it.
Many of the emails we’ve come across look similar to this:
When you click on a link it will take you to page that mimics DocuSign’s website. The site (pictured below) shows that there is even a secure URL. Hackers are now finding ways to make their sites appear more legitimate and they know we are doing a better job watching out for secure URLs. To read more about the war on non-secure sites, check out this blog post.
Once you select your email provider, as the screen asks you to do, you will be asked to enter your account credentials. Then, you’ll be told the credentials you entered are invalid and to try again. Each time you enter your credentials into this fake site, attackers are learning what your various passwords are. Attackers can then use these login attempts to try and gain access to your email, Dropbox, or any other account with which your email address is associated.
Do you know how a hacker will get you? Schedule a free session with the Network Detective to find out.
If they get the right credentials, hackers can take over your email from a web portal and send everyone in your address list the same kind of malicious email. If you receive that email from a friend, it means they’ve been successfully hacked without even knowing it.
How To Avoid Being The Next Victim
There are a few ways you can identify whether the email you received is legitimate or malicious. One easy way to scope it out is to hover your mouse over the links before clicking anything. If the email is malicious, you’ll see that the URL does not correspond to Dropbox, DocuSign, or any other provider.
You can also message (but don’t forward the suspicious email) your friend or business associate to ask if they really sent that email. If they didn’t, let them know they’ve likely been hacked.
The #1 way to prevent a hacker from gaining access to your network is to educate yourself and your employees on safe computer habits. If you didn’t know, you are the biggest threat to your network security.
If you see any kind of email that resembles what was pictured, do not click on the links and do not provide any login credentials. Contact our technical support team here or call us at 410.685.5512 to analyze it further and discuss a back-up plan in case you’re hacked.
About Joshua Beitler
Josh monitors, updates and troubleshoots network and server systems for clients. He works primarily in Windows Server, Microsoft Office and Office 365 environments, but also has experience with automated network monitoring and data backup solutions. Outside of work, Josh is a wine enthusiast. His technology background resulted in Josh creating an app to log the different wines he’s sampled.