Malwarebytes Labs finds that the Docusign Application Programming Interface (API) allows ‘customers’ to send emails that come from genuine Docusign accounts, and they can use templates to impersonate reputable companies, according to Finextra.
To pull this off, the phishers set up a Docusign account and then use the templates provided by Docusign to send out legitimate-looking invoices from PayPal. Users may be informed of an ‘unauthorised’ transaction and are given a phone number to contact to safeguard the account and process a refund.
Because the emails come from Docusign, they can bypass many security filters, although there are a number of red flags that give away the scammers, including the use of Gmail addresses for the PayPal customer care team.
Docusign says its team investigates and closes suspicious accounts within 24 hours of the activity being detected or reported. When suspicious accounts are reported, the vast majority of those accounts have already been detected by Docusign’s systems and are either under investigation or have already been closed. Once an account is closed, all envelopes sent from the account are no longer accessible by the recipient or sender.
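The red flags described above can be checked mechanically on mail that passes sender filtering because it really does come from Docusign. The following is an added example, not code from Malwarebytes, Finextra or Docusign; the domain lists, the patterns and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed values for this example; none of these lists come from the article.
DOCUSIGN_DOMAINS = {"docusign.net", "docusign.com"}
FREEMAIL_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com"}
BRANDS = ("paypal",)  # brand names a template might impersonate

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+\.[A-Za-z]{2,})")
PHONE_RE = re.compile(r"\+?\d[\d\s().-]{8,}\d")
LURE_RE = re.compile(r"unauthori[sz]ed|refund", re.IGNORECASE)


def red_flags(raw_message: str) -> list[str]:
    """Return the article's red flags found in a message sent via Docusign."""
    msg = message_from_string(raw_message)
    domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")[2]
    # Sender authentication passes in this scam, so the body is what is checked.
    if not any(domain == d or domain.endswith("." + d) for d in DOCUSIGN_DOMAINS):
        return []  # out of scope: not sent through the Docusign platform
    body = "\n".join(
        part.get_payload(decode=True).decode("utf-8", errors="replace")
        for part in msg.walk()
        if part.get_content_type() == "text/plain"
    )
    flags = []
    contact_domains = {d.lower() for d in EMAIL_RE.findall(body)}
    for brand in BRANDS:
        if brand in body.lower() and contact_domains & FREEMAIL_DOMAINS:
            flags.append(f"{brand}: contact address on a free-mail domain")
    if LURE_RE.search(body) and PHONE_RE.search(body):
        flags.append("callback lure: transaction alert with a phone number")
    return flags


# Constructed sample modelled on the scam described above (not a real message).
SAMPLE = """\
From: Docusign <dse@docusign.net>
To: user@example.org
Subject: Complete with Docusign: PayPal invoice

PayPal detected an unauthorised transaction of $489.99 on your account.
To safeguard the account and process a refund, call +1 (555) 010-0199
or write to paypal.customer.care@gmail.com
"""

if __name__ == "__main__":
    for flag in red_flags(SAMPLE):
        print(flag)
```
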