MailGuard Blog

DocuSign seems to be winning the popularity contest amongst cybercriminals as MailGuard intercepts a second phishing scam imitating the global electronic agreement provider in just a matter of days. The scam emails appear to come from a compromised account belonging to a U.S. immigration law firm, as recipients are presented with an email purporting to be from the Accounts Department notifying the victim of an ‘EFT confirmation’ in .pdf format. Other trusted names such as Office 365, Gmail and AOL have been impersonated in the process.  

MailGuard has intercepted an email attack that uses multiple trusted brand names to fool victims into providing their sensitive information for credential harvesting. DocuSign, with hundreds of millions of users worldwide, is a household name with businesses and organizations using the tool for electronic signatures and agreements. Purporting to be from a prominent healthcare provider a DocuSign link is sent to recipients, in an attempt to capture email and login addresses and to potentially download malware. Other trusted names such as Adobe, Microsoft and IBM have been spoofed using accurately depicted branding and logos to catch victims off guard.  

MailGuard has intercepted a phishing email scam masquerading as a file-sharing notification in order to trick users.

Brandjacking - where cybercriminals impersonate the brands we trust, in order to fool us into clicking on malicious content - has affected some of the world’s biggest companies, past and present. 

Anyone can be a target of brandjacking scams.

MailGuard has detected a new email-based cyber-attack using Telstra branding is hitting Australian inboxes.

Keep an eye out for the latest DocuSign email scam that was circulating Wednesday (AEST). Masquerading as a credit application, the subjects generally relate to a ‘Credit Card Application’ or a ‘Loan Application.’

This scam email impersonating a DocuSign notification is well designed, as you can see in the screenshot above.

A new email scam has been detected by MailGuard; this one is designed to look like a DocuSign notification message - see screenshot above.

There’s a cunning, well-designed email scam hitting inboxes today that’s imitating a Docusign notification message.

In a very large scale and ongoing email scam, cybercriminals are yet again impersonating accounting firm MYOB, delivering a fraudulent DocuSign supply order to inboxes. This is the second ‘brandjacking’ in the space of the last week for MYOB, with a similar invoice scam impersonating the leading accounting software last Tuesday.