DocuSign was breached a few months ago and it is still a threat. We have witnessed a recent surge in phishing schemes using DocuSign.
The emails look convincing and are made stronger by using personal information. These emails contain a link or attachment that, once clicked or opened, prompt you for your credentials and then continues spreading the malicious emails to your contact list.
The emails are coming from someone in your contact list. If someone you know was breached, this scheme will use their email address to send from.
The subject line on the most recent schemes has been, “Action Required: Completed: Docusign.”
*Take note of the below Docusign phishing email. It is quite convincing.