DocuSign, one of the document and signature management platforms SMU utilizes, recently reported a phishing campaign that attempts to mimic a DocuSign signature required notification e-mail. Here’s what they had to say:
DocuSign has observed a new phishing campaign that began the morning of May 16 (Pacific Time). The email comes from “firstname.lastname@example.org” with the subject “Legal acknowledgement for <person> Document is Ready for Signature” and it contains a link to a malicious, macro-enabled Word document. We suggest you do not open this email, but rather delete it immediately. If you have received the email and opened it, please change your password as soon as possible.
If you have received an e-mail like this, delete it immediately! If you clicked on any links or attachments in the e-mail, reset your SMU password immediately at smu.edu/password and call the IT Help Desk at 214-768-4357.
If you would like to be automatically informed about the latest security updates and alerts for DocuSign, please follow @askdocusign (DocuSign Support) on Twitter, where they will be posting notifications when the Trust Center is updated.