PHISHING ALERT: HACKERS NOW USING DOCUSIGN TO DELIVER FAKE INVOICES
As phishing threats continue to evolve, cybercriminals are getting more creative—and more convincing. One of the latest and most alarming tactics involves using the trusted DocuSign platform to deliver fraudulent invoices and payment requests.
For many businesses, DocuSign is a routine part of daily operations, used to sign contracts, approve proposals, and move projects forward. Unfortunately, this familiarity is exactly what attackers are banking on.
WHAT’S HAPPENING?
Threat actors are now leveraging legitimate DocuSign accounts and the platform’s API to send fake invoice requests that look completely authentic. These phishing emails often mimic official DocuSign notifications, complete with branding, formatting, and urgent calls to action—making them incredibly difficult to detect.
Unlike traditional phishing attacks, these emails don’t contain suspicious links or obvious red flags. Instead, they present what appears to be a routine document for review or payment, instructing users to act quickly—before they take the time to verify.
WHY THIS SCAM IS SO DANGEROUS
- It Uses a Trusted Brand: DocuSign is used by millions of professionals. When people see a message from the platform, they tend to trust it.
- It Evades Filters: Because the emails come from real DocuSign accounts and don’t include typical malware triggers, they often bypass spam filters.
- It Relies on Social Engineering: These messages create a sense of urgency, pushing recipients to take action without verifying legitimacy.
COMMON TACTICS & TARGETS
DocuSign reports that many of these phishing attempts use fake invoices from familiar brands such as Norton, PayPal, and even generic “remittance advice” subject lines.
Industries most at risk include:
- Finance
- Healthcare
- Real Estate
- Any business that relies heavily on digital document workflows
WHAT YOU CAN DO TO STAY SAFE
Protecting your business starts with awareness and the right security practices. Here’s how to stay ahead of this threat:
FINAL THOUGHTS
This new DocuSign phishing campaign is a stark reminder: even the most trusted platforms can be exploited. As technology becomes more integrated into our business processes, so do the opportunities for cybercriminals to strike.
At EZ Micro Solutions, we help businesses stay ahead of threats with proactive cybersecurity strategies, user training, and advanced threat detection.
Need help hardening your defenses or educating your team? Fill out the information in the sidebar!