DocuSign brand spoofed in latest email brandjacking

Posted by Daniel McShanag on 21 September 2018 10:30:42 AEST

Keep an eye out for the latest DocuSign email scam that was circulating Wednesday (AEST). Masquerading as a credit application, the subjects generally relate to a ‘Credit Card Application’ or a ‘Loan Application.’

The simple HTML email requests asks recipients to ‘Review your document’ and click the link to ‘Sign your file here.’


The link in the email actually takes you to a malicious ‘Invoice.doc’ hosted on GoogleDrive. Despite being a small targeted run, the use of the DocuSign branding is authentic in appearance and may trick unsuspecting and curious recipients.

In the emails intercepted by MailGuard, the sender(s) appear to be random.

Cyber-criminals frequently exploit the branding of global companies like DocuSign, such as in thise attack reported earlier this year:  

The good reputation and familiarity of DocuSign makes them an attractive target, and since their service requires users to click a link to download files, they are a convenient trojan horse for malicious attacks. 

For a few dollars per staff member per month, add MailGuard's cloud-based email filtering protection to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs:

Stay up-to-date with new posts on the MailGuard Blog by subscribing to our email updates. 

Keep Informed with Weekly Updates


Topics: Cybersecurity email fraud cybercrime Threat Update DocuSign parceldeliveryscam emailscam

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all