Breach On DocuSign Led To Targeted Email Malware Campaign


This week provides an excellent example of why Phishing attacks require you to make a thoughtful pause before opening email attachments. Criminals breached a marketing data base owned by the vendor supplying the state standard electronic signature and contracts workflow product, DocuSign. For more information you can check out this article: https://krebsonsecurity.com/2017/05/breach-at-docusign-led-to-targeted-email-malware-campaign/

As a result, if you have ever used DocuSign at work or at home, your email address and name are now in the hands of skilled criminals who know you as a current or past user of DocuSign. Using that knowledge these miscreants may send you a convincing email pretending to be from DocuSign. Their purpose is to trick you into clicking on a link or opening an attachment that could give them—without you realizing it—control of your computer and everything it has access to. It could even turn your computer into a tool for further criminal exploitation.

Always remember:

  • Never open an email from someone you are not expecting one from. 
  • Never click on a hyperlink which you are not 100% certain is reliable. 
  • Wherever possible, hover your mouse over ‘from’ addresses and hyperlinks to see if underneath is a different entity. 
  • Be extra cautious when mobile – your phone or tablet has less ability to help you determine the integrity and reliability of senders’ addresses and the content of messages.
  • As always, send to reportspam@state.sd.us if you would like it reviewed first.

Article taken from:
https://krebsonsecurity.com/2017/05/breach-at-docusign-led-to-targeted-email-malware-campaign/


This week provides an excellent example of why Phishing attacks require you to make a thoughtful pause before opening email attachments. Criminals breached a marketing data base owned by the vendor supplying the state standard electronic signature and contracts workflow product, DocuSign. For more information you can check out this article: https://krebsonsecurity.com/2017/05/breach-at-docusign-led-to-targeted-email-malware-campaign/

As a result, if you have ever used DocuSign at work or at home, your email address and name are now in the hands of skilled criminals who know you as a current or past user of DocuSign. Using that knowledge these miscreants may send you a convincing email pretending to be from DocuSign. Their purpose is to trick you into clicking on a link or opening an attachment that could give them—without you realizing it—control of your computer and everything it has access to. It could even turn your computer into a tool for further criminal exploitation.

Always remember:

  • Never open an email from someone you are not expecting one from. 
  • Never click on a hyperlink which you are not 100% certain is reliable. 
  • Wherever possible, hover your mouse over ‘from’ addresses and hyperlinks to see if underneath is a different entity. 
  • Be extra cautious when mobile – your phone or tablet has less ability to help you determine the integrity and reliability of senders’ addresses and the content of messages.
  • As always, send to reportspam@state.sd.us if you would like it reviewed first.


Article taken from:
https://krebsonsecurity.com/2017/05/breach-at-docusign-led-to-targeted-email-malware-campaign/