DocuSign, which provides e-signature technology to the mortgage industry, reports that some of its ancillary systems were recently hacked; however, only email addresses were accessed, and the malicious activity appears to be limited to an email spoofing campaign.
“Last week, and again this morning, DocuSign detected an increase in phishing emails sent to some of our customers and users,” the company says in an update on its website. “The emails ‘spoofed’ the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when clicked, installs malicious software. As part of our process in response to phishing incidents, we confirmed that DocuSign’s core e-signature service, envelopes and customer documents remain secure.”
An investigation revealed that a “malicious third party had gained temporary access to a separate, non-core system that allows us to communicate service-related announcements to users via email,” the company reports.
DocuSign stresses in its statement that “no names, physical addresses, passwords, Social Security numbers, credit card data or other information was accessed,” nor were any electronic documents.
The company says it has taken measures to prevent unauthorized access to its systems, including putting additional security controls in place and working with law enforcement.
DocuSign is warning consumers and corporate clients to forward “any emails with the subject line ‘Completed: [domain name] – Wire transfer for recipient-name Document Ready for Signature’ and ‘Completed [domain name/email address] – Accounting Invoice [Number] Document Ready for Signature’ to the company’s spam server at firstname.lastname@example.org prior to deleting them.”
“These emails are not from DocuSign,” the company says. “They were sent by a malicious third party and contain a link to malware spam.”
Even if a consumer decides not to forward the emails to DocuSign, they should be deleted immediately.
“The Internet is a critical component to your business and to conducting business on the DocuSign Global Network,” the company says. “Those committing fraud seek to take advantage of this trusted relationship for illegal purposes.”
DocuSign says although it “continuously monitors for such activity,” its customers “are the first and best layer of defense in combating online fraud.”
“Learning to properly detect and avoid online and email scams is the ultimate protection against fraud,” the company says.