Do you use DocuSign? A new email attack has surfaced where hackers are reeling people in with phishing emails that claim to be from DocuSign.
What is DocuSign
DocuSign makes it simple to sign and securely auto-send important documents. It uses eSignature to keep modern operations moving forward from virtually anywhere, anytime. Organizations of all sizes have made the transition to electronically do business in this ever-changing world.
Watch Your Inbox
The phishing email appears to originate from DocuSign and includes a link and HTML attachment. As the receiver, you are requested to review and sign the document claiming to be “remittance advice.”
If the “View Completed Document” button is clicked, it leads end users to a clean, legitimate webpage.
However, if the attachment is opened, the blank image attack will begin.
Easily Reeled In
Hackers can target practically anyone with this specific technique. By concealing the malware within an empty image attachment, the true intent of the message is easily hidden. With a legitimate link included in the email body, it bypasses link analysis and security scanners. This increases the chances of the attacker reeling you in.
You should always think before you click on any links or attachments. Take extra caution around emails containing HTML attachments. These attachments could be ready and built to deliver malware to your devices.
How To Protect Your Team
HTML attachments aren’t new. What is new is the use of empty images redirecting to malicious materials. It is important to train your employees to stay alert and be aware of all the different types of phishing attacks that are out there.
As cybercriminals continue to come up with new ways to trick users into taking action, it is critical that you educate yourself and your team. End-user phishing training is essential to secure business functionality. Give your organization an extra layer of security by enabling your employees to recognize social engineering attacks.
Imagineering is a proud KnowBe4 partner. KnowBe4 provides a great solution for learning the ins and outs of spotting fake and suspicious emails. With a large library of content to train your users, KnowBe4 allows you to send out simulated phishing emails to your organization and see who the happy clickers are that may need more training.
Contact us today to set up end-user training for your team!
Is Your Firewall Protecting Your Business?
A firewall acts as an opening and closing door to your network. Keep out unauthorized users and ensure your network is secure with a firewall today!
Top 7 Questions to Ask Your IT Service Provider
In today’s digital age, our businesses rely so heavily on technology that we must invest in quality support and services that meet our expectations. Ask yourself the following questions when looking at your IT support!
Why Your Business Needs Managed IT Services
Receive the services you need, when you need them with Managed IT Services. This proactive approach to business IT is just what you are looking for!