Hackers fake DocuSign and offer fraudulent signing methods
Criminals impersonate the e-signing company to steal credentials
Security researchers have revealed criminals’ new tactics to impersonate major brands to steal and harvest victims’ credentials.
Researchers at Avanan, a Check Point company, said hackers impersonate major brands to carry out phishing attempts. One frequently seen attempt mimics legitimate communications from DocuSign.
When DocuSign sends an email, it offers recipients an “Alternative Signing Method.” DocuSign prompts the recipient to visit https://www.docusign.com and enter a security code the company generates. This site then offers users more than one option to access and electronically sign their documents.
In a recent campaign the researchers are following, hackers send an email that impersonates DocuSign from a docusign.net address and appears to be sent on behalf of an administrator. In this email, the attackers ask the user to view and sign a document and offer an alternative signing method.
The link to the alternative method leads users to a fake website where they must enter their password. Hackers then steal the email address and password as part of a credential harvesting campaign.
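A mail-filter check for the pattern described above, as an added example that is not code from Avanan or DocuSign: because the message can arrive from a docusign.net address, it ignores the sender and flags web links in a DocuSign-themed email that point outside DocuSign's domains. The trusted-domain list (the two domains named in this article), the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: only the two domains named in the article count as DocuSign's.
TRUSTED_SUFFIXES = ("docusign.com", "docusign.net")

# Constructed sample message; example.test hosts are reserved placeholders.
SAMPLE = """From: "Admin via DocuSign" <admin@docusign.net>
Subject: Please review and sign
Content-Type: text/html; charset=utf-8

<p>Alternative Signing Method: visit
<a href="https://www.docusign.com">DocuSign</a> or
<a href="https://signing.example.test/login">sign here</a> or
<a href="https://docusign.com.example.test/verify">verify</a>.</p>
"""

class LinkCollector(HTMLParser):
    """Collects href targets from anchor tags in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.links.append(href)

def is_trusted_host(host):
    """True only for a trusted domain or a real subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

def suspicious_links(raw_email):
    """Return http(s) links in a DocuSign-themed email that leave DocuSign's domains."""
    msg = message_from_string(raw_email)
    bodies = [p.get_payload(decode=True).decode("utf-8", "replace")
              for p in msg.walk() if p.get_content_type() == "text/html"]
    html = "\n".join(bodies)
    if "docusign" not in (msg.get("From", "") + html).lower():
        return []  # not DocuSign-themed, nothing to compare against
    parser = LinkCollector()
    parser.feed(html)
    return [u for u in parser.links
            if urlsplit(u).scheme in ("http", "https")
            and not is_trusted_host(urlsplit(u).hostname)]
```

The suffix match requires a leading dot, so a lookalike host that merely begins with "docusign.com" is still flagged.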
Researchers revealed other commonly impersonated brands, which tend to be trusted and popular ones. The top three most impersonated brands are Microsoft, which is related to 45% of all brand phishing attempts globally, DHL (26%), and Amazon (11%).
Other research carried out by the company found that 51.9% of all impersonation emails attempted to impersonate a non-executive in the organization. Non-executives are targeted 77% more often than other members of an organization.
“There are a few reasons behind this. One, security admins might be spending a lot of time providing extra attention to the C-Suite and hackers have adjusted. Two, non-executives still hold sensitive information and have access to financial data. There is no need to go all the way up the food chain,” said Jeremy Fuchs, content manager at Avanan.
Fraudulent digital signature use has led some companies to increase security surrounding e-signatures. For example, ESign Genie announced its digital signature platform would support knowledge-based authentication by adding an extra layer of security through authenticating document recipients’ identities before issuing viewing or editing rights. Esign Genie’s feature improves the security of sensitive, private, or protected documents by mandating a Social Security number.