The DocuSign phishing attack is the latest malicious tactic used to coerce computer users into entering their account credentials on a fake login page. Such actions can have very dangerous consequences and as a result can infect the system with various malware. Our guide shows how potenital targets can spot the scam and evade it.
DocuSign Phishing Scam – Overview
The security community has alerted of a new threat — the DocuSign Phishing Scam. The hackers behind it have created a counterfeit site that poses as a legitimate login page for DocuSign, one of the leading electronic signature companies.
The practice makes use of two common tactics associated with these type of threats:
- Domain Name — The hackers use a similar sounding domain name — dacusign.^net VS docusign.com.
- Web Elements — The criminals have hijacked legitimate web elements that are used by the service.
Users can receive the DocuSign phishing scam through email messages. They are sent using a bulk distribution campaign and may either display the message itself or contain a long text-based body contents that redirect to the constructed site. In most cases the messages will be sent via the spoofed domain. Another tactic would be to spoof other (Read more...)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Martin Beltov. Read the original post at: https://sensorstechforum.com/docusign-phishing-scam-get-rid/