• banner

Phish Bowl

October 17, 2017

17 Oct 2017.JPG

October 12, 2017

12 Oct 2017.JPG

October 9, 2017

9 Oct 2017.JPG

October 7, 2017

7 oct 2017_0.JPG

October 3, 2017

3 Oct 2017.JPG

October 1, 2017

1 Oct 17.JPG

September 29, 2017

29 Sep 2017.JPG

September 25, 2017

25 Sep 17.JPG

 
September 20, 2017

Phish 20 Sep.JPG

September 3, 2017

Phish 3 Sep.JPG

august 31, 2017

warning 31 Aug_0.JPG

new document 31 Aug.JPG
august 30,2017

Urgent 30 August.JPG

 
august 29, 2017

Access 29 Aug.JPG

 
August 25, 2017

Important Messages.JPG

august 23, 2017

Office 365 Aug 23.JPG

 
August 22, 2017

Capture.JPG

August 3, 2017

New Message for you.JPG

August 1, 2017
attention_0.JPG
JULY 29, 2017
Update Account.JPG

Urgent Update_0.JPG

 

July 17, 2017

notice_0.JPG

June 7, 2017

walmart_0.JPG
MAY 17, 2017

Breach at DocuSign Led to Targeted Email Malware Campaign

DocuSign, a major provider of electronic signature technology, acknowledged today that a series of recent malware phishing attacks targeting its customers and users was the result of a data breach at one of its computer systems. The company stresses that the data stolen was limited to customer and user email addresses, but the incident is especially dangerous because it allows attackers to target users who may already be expecting to click on links in emails from DocuSign.

On San Francisco-based DocuSign warned on May 9 that it was tracking a malicious email campaign where the subject line reads, “Completed: docusign.com – Wire Transfer Instructions for recipient-name Document Ready for Signature.” The missives contained a link to a downloadable Microsoft Word document that harbored malware.

A typical DocuSign email. Image: DocuSign.

A typical DocuSign email. Image: DocuSign.

The company said at the time that the messages were not associated with DocuSign, and that they were sent from a malicious third-party using DocuSign branding in the headers and body of the email. But in an update late Monday, DocuSign confirmed that this malicious third party was able to send the messages to customers and users because it had broken in and stolen DocuSign’s list of customers and users.

“As part of our ongoing investigation, today we confirmed that a malicious third party had gained temporary access to a separate, non-core system that allows us to communicate service-related announcements to users via email,” DocuSign wrote in an alert posted to its site. “A complete forensic analysis has confirmed that only email addresses were accessed; no names, physical addresses, passwords, social security numbers, credit card data or other information was accessed. No content or any customer documents sent through DocuSign’s eSignature system was accessed; and DocuSign’s core eSignature service, envelopes and customer documents and data remain secure.”

The company is asking people to forward any suspicious emails related to DocuSign to spam@docusign.com, and then to delete the missives. 

“They may appear suspicious because you don’t recognize the sender, weren’t expecting a document to sign, contain misspellings (like “docusgn.com” without an ‘i’ or @docus.com), contain an attachment, or direct you to a link that starts with anything other than https://www.docusign.com or https://www.docusign.net,” reads the advisory.

If you have reason to expect a DocuSign document via email, don’t respond to an email that looks like it’s from DocuSign by clicking a link in the message. When in doubt, access your documents directly by visiting docusign.com, and entering the unique security code included at the bottom of every legitimate DocuSign email. DocuSign says it will never ask recipients to open a PDF, Office document or ZIP file in an email.

DocuSign was already a perennial target for phishers and malware writers, but this incident is likely to intensify attacks against its users and customers. DocuSign says it has more than 100 million users, and it seems all but certain that the criminals who stole the company’s customer email list are going to be putting it to nefarious use for some time to come.