Xiologix partner KnowBe4 named the new outbreak of DocuSign Phishing Attacks as their “Scam of the Week.” Here is what KnowBe4 founder and CEO Stu Sjouwerman had to say in their latest newsletter posted earlier today, May 22.
“DocuSign has admitted they were the victim of a data breach of customer email addresses only that has led to massive phishing attacks which used the exfiltrated DocuSign information. Ouch. So here is your Scam of the Week.
They discovered the data breach when on May 9, 15, and 17 DocuSign, customers were being targeted with phishing campaigns. They now are advising customers to filter or delete any emails with specific subject lines. We do not repeat them here, because this newsletter might be filtered out, but you can see them at the blog, together with screenshots:
The campaigns all have Word docs as attachments, and use social engineering to trick users into activating Word’s macro feature which will download and install malware on the user’s workstation. DocuSign warned that it is highly likely there will be more campaigns in the future.”
For more information, together with sample subject lines to beware of and a screen shot of a sample phishing email, please visit https://blog.knowbe4.com/scam-of-the-week-docusign-phishing-attacks.
For more information on how Xiologix and KnowBe4 can help keep your organization safe from cyberattacks, please contact us.