Hackers fake DocuSign and offer fraudulent signing methods

Criminals impersonate the e-signing company to steal credentials

Security researchers have revealed new tactics criminals use to impersonate major brands and harvest victims’ credentials.

Researchers at Avanan, a Check Point company, said hackers impersonate major brands to carry out phishing attempts. One frequently seen attempt mimics legitimate communications from DocuSign.

When DocuSign sends an email, it offers recipients an “Alternative Signing Method.” DocuSign prompts the recipient to visit https://www.docusign.com and enter a security code the company generates. This site then offers users more than one option to access and electronically sign their documents.

In a recent campaign the researchers are following, hackers send an email impersonating DocuSign from a docusign.net address that appears to be sent on behalf of an administrator. In this email, the attackers ask the user to view and sign a document and offer an alternative signing method.

The link to the alternative method leads users to a fake website where they must enter their password. Hackers then steal the email address and password as part of a credential harvesting campaign.
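A mail-filter check for the lure described above, as an added example that is not from Avanan or the article: it flags links in a DocuSign-branded message whose real host is not a trusted domain, including lookalike-subdomain and userinfo (`@`) forms. The trusted list, function names and sample message are assumptions made for illustration.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("docusign.com",)  # assumption: the only signing domain the article names


class _Links(HTMLParser):
    """Collect href targets of <a> tags."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]


def is_trusted(url):
    """True only for https URLs whose real host is a trusted domain or subdomain."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()  # hostname drops userinfo and port
    return parts.scheme == "https" and any(
        host == d or host.endswith("." + d) for d in TRUSTED)


def suspicious_links(raw_email):
    """Return links in a DocuSign-branded message that do not lead to a trusted host."""
    msg = message_from_string(raw_email, policy=default)
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    if "docusign" not in (str(msg["From"]) + str(msg["Subject"]) + text).lower():
        return []  # not DocuSign-branded, nothing to compare against
    parser = _Links()
    parser.feed(text)
    return [u for u in parser.hrefs if not is_trusted(u)]


# Constructed sample message; sender, hosts and wording are invented for illustration.
SAMPLE = """\
From: DocuSign Admin <admin@docusign.net>
Subject: Please review and sign your document
Content-Type: text/html; charset="utf-8"

<a href="https://www.docusign.com">Alternative Signing Method</a>
<a href="https://www.docusign.com.login.example/sign">View document</a>
<a href="https://www.docusign.com@signing.example/">Sign here</a>
"""
print(suspicious_links(SAMPLE))
```

Matching on the parsed hostname rather than on a substring of the URL is what catches the two lookalike links, both of which contain the text `www.docusign.com`.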

Researchers revealed other commonly impersonated brands, which tend to be trusted and popular ones. The top three most impersonated brands are Microsoft, which is related to 45% of all brand phishing attempts globally, DHL (26%), and Amazon (11%).

Other research carried out by the company found that 51.9% of all impersonation emails attempted to impersonate a non-executive in the organization. Non-executives are targeted 77% more often than other members of an organization.

“There are a few reasons behind this. One, security admins might be spending a lot of time providing extra attention to the C-Suite and hackers have adjusted. Two, non-executives still hold sensitive information and have access to financial data. There is no need to go all the way up the food chain,” said Jeremy Fuchs, content manager at Avanan.

Fraudulent use of digital signatures has led some companies to increase security surrounding e-signatures. For example, ESign Genie announced its digital signature platform would support knowledge-based authentication, adding an extra layer of security by authenticating document recipients’ identities before issuing viewing or editing rights. ESign Genie’s feature improves the security of sensitive, private, or protected documents by mandating a Social Security number.
