www.docusign.com
Open in
urlscan Pro
151.101.2.133
Public Scan
Submitted URL: https://protect.docusign.net/report-abuse?e=AUtomjpFak9GlbPL0zFFi111ngN9YgAT_P1qkTp0qabqWSH-GqpWL0c53Mav0L84zOXExXEvGsmA57lIz...
Effective URL: https://www.docusign.com/trust/security/incident-reporting
Submission: On October 13 via manual from AU — Scanned from AU
Effective URL: https://www.docusign.com/trust/security/incident-reporting
Submission: On October 13 via manual from AU — Scanned from AU
Form analysis 0 forms found in the DOM
Text Content
Skip to main content
CLM Essentials for growing businesses
* Sales 1-877-720-2040
* Search
* Support
* Access Documents
* Log In
* Solutions
The Agreement Cloud
A full suite of industry-leading applications, integrations, and flexible
APIs.
Explore the Cloud
EXPLORE
* Trust & SecurityA relationship you can trust
* Customer ExperienceAn experience people love
* Business AgilityA better way to work
USE CASES
* Human ResourcesSeamlessly manage the employee lifecycle
* LegalReduce risk and drive faster turnaround times
* ProcurementTransform the procure-to-pay process
* SalesClose deals faster, increase productivity and delight your buyers
* All Use Cases
INDUSTRIES
* Financial Services
* Insurance
* Real Estate
* Government
* All Industries
* Products
SIGNATURES
* Electronic SignatureThe #1 way to send and sign
* Electronic NotarizationSecurely send, sign and notarize agreements online
CONTRACTS
* Contract Lifecycle ManagementOrganized, automated document workflows
* Document GenerationGenerate documents seamlessly from Salesforce
MORE
* Identity VerificationIncorporate enhanced signer verification into your
agreements
* ClickwrapsCapture consent with a single click
* APIs
* Integrations
* Mobile Apps
* All Products
* Plans & Pricing
SIGNATURES
* eSignatureWe’ve got the right plan for you
* eSignature for Real EstateDocuSign for Realtors® is a NAR Member Exclusive
APIS
* API Usage PlansStart simple or build for scale with robust APIs
LOOKING FOR CLM OR ENTERPRISE PRICING?
Every business is different. That's why we use bespoke pricing to make sure
you only pay for exactly what you need.
Request a Quote
Contact Sales
Buy Now
Try for Free
Trust Center
* Overview
* Alerts
* Compliance
* Overview
* Certifications
* Export control
* Global standards
* Public certificates
* Legal
* Overview
* eSignature Legality Guide
* RON Legality Guide
* Agreements & Terms
* Intellectual Property
* Privacy Policy
* Law Enforcement Guidelines
* Privacy
* Overview
* Binding Corporate Rules (BCRs)
* Data Management & Privacy
* GDPR
* Subprocessors and Subcontractors
* Security
* Overview
* Incident reporting
* Innovations
* Product security
* Resources
* System status
REPORT SECURITY CONCERNS
Docusign’s trust is top priority and reports of suspicious activity are taken
seriously. It’s imperative that security concerns are shared with us to ensure
issues are addressed timely and appropriately. This page outlines the difference
between imitating DocuSign via spoofing or impersonation used in phishing
campaigns and the improper use of Docusign customer accounts to commit fraud, as
well as the correct reporting channel for each.
Concerns related to an actual DocuSign customer account are considered fraud and
improper use of our platform. Conversely, attempts to trick people into
believing emails are related to or from an actual DocuSign customer account are
imitation attempts.
REPORTING IMITATION OF DOCUSIGN
Our customers are the first line of defense against cybersecurity threats.
Detecting cyber security issues quickly reduces the possibility of negative
consequences. The information below explains how to detect cyber security
threats via imitation (also called spoofing) and report them to DocuSign’s
information security team for investigation.
DEDICATED THREAT REPORTING CHANNELS
DocuSign has dedicated reporting channels based on the type of threat:
* DocuSign-themed imitation emails and websites: If you think that you’ve
received a fraudulent email purporting to come from DocuSign, forward the
entire email as an attachment to spam@docusign.com and delete it immediately.
If you identify a website imitation of DocuSign, please copy and paste the
URL into an email to spam@docusign.com for investigation.
* Other security incidents and DocuSign-themed threats for investigation: New
cybersecurity threats occur regularly. To support DocuSign information
security and threat intelligence, report security incidents and DocuSign
platform threats to security@docusign.com.
GUIDELINES FOR IDENTIFYING IMITATION EMAILS AND WEBSITES
If you don’t recognize the sender of a DocuSign envelope and are uncertain of
the email’s authenticity, look for the unique security code included in all
DocuSign envelopes at the bottom of the notification email. If you don’t see
this code, don’t click on any links or open any attachments. Review our
Combating Phishing white paper to learn more.
Image caption: Example of an imitation of DocuSign brand used in phishing
attempts
SIGNS OF IMITATION EMAILS AND WEBSITES
1. Imitation links
Avoid imitation links by accessing your documents directly from
https://www.docusign.com using the unique security code found at the bottom
of the DocuSign notification email.
Always check where a link goes before clicking by hovering your mouse over
the link to review the URL (it should be hosted on docusign.com or
docusign.net). An imitation link is dangerous and can:
* Direct you to an imitation website that tries to collect your personal
data
* Install spyware (which can enable a hacker to monitor your actions and
steal login credentials) on your system
* Cause you to download a virus that could disable your computer
2. Imitation sender email address
Imitation emails may include a forged email address in the "From" field,
which is easily altered. If you don’t recognize the sender of or weren't
expecting a DocuSign envelope, contact the sender to verify its
authenticity.
3. Attachments
DocuSign emails that request you to sign a document never contain
attachments. Don’t open or click them within an email requesting your
signature. DocuSign emails only contain PDF attachments of completed
documents after all parties have signed the document. Even then, pay close
attention to the attachment to ensure it’s a valid PDF file. DocuSign never
attaches zip files or executables.
4. Generic greetings
Many imitation emails begin with a generic greeting like “Dear DocuSign
Customer.” If you don’t see your name in the salutation, be suspicious and
don’t click on any links or attachments. Conversely, also be aware of
highly personalized emails, especially if you do not know the sender or
were not expecting the communication.
5. False sense of urgency
Many imitation emails try to deceive you with the threat that your account
is in jeopardy if you don’t provide immediate updates. As it relates to
DocuSign, they might claim that unauthorized transactions have occurred on
your account and its imperative that you update your account information
immediately.
6. Emails that appear to be websites
Some imitation emails are made to look like DocuSign or other websites to
get you to enter personal information. DocuSign never asks you for personal
information, such as login credentials, via email.
7. Deceptive URLs
Just because the address looks OK, don't assume you're on a legitimate
site. Look in your browser's URL bar for signs that you may be on a
phishing site:
* Often the address of a phishing site deviates slightly from its
legitimate counterpart: for instance, it might say docusing.com instead
of docusign.com
* Your browser can detect certain types of malicious sites—always heed its
warnings, especially when it notifies you that a site or certificate
can’t be trusted
8. Misspellings and bad grammar
While no one is perfect, imitation emails are often rife with bad grammar
and mispellings. The errors could be intentional; such mistakes help
fraudsters avoid spam filters.
9. Unsafe sites
The term "https" should always precede any website that requests personal
information. (The "s" stands for secure.) If you don't see "https," you're
not in a secure Web session, and shouldn’t enter any personal data. A
legitimate DocuSign sign-in page address always starts with “https://.”
10. Pop-up boxes
DocuSign never uses a pop-up box in an email, because they aren’t secure.
REPORTING IMPROPER USE OF DOCUSIGN
Reports of customers violating DocuSign’s Terms & Conditions are investigated as
needed. This section outlines how to identify suspected improper use of
DocuSign, including customer account fraud, how to report it, what information
we collect, common fraud themes, alerts, resources and additional information.
WHAT TO REPORT AS SUSPECTED IMPROPER USE OF DOCUSIGN
A customer suspected of fraud or illegal activity can be reported to DocuSign if
they are in violation of the restrictions on use of the site.
How to identify an email coming from an actual DocuSign customer account
DocuSign customer envelope emails will always come from @docusign.net email
address and most will contain a 32-character security code in the bottom portion
of the email under the “Alternate Signing Method” section shown in the image
below.
If you are suspicious of a DocuSign envelope's authenticity, we recommend you
access the envelope directly form DocuSign.com. For more information, visit our
Alternative Signing Method Security Code Access page.
All DocuSign envelope email notifications contain a link that takes you to the
DocuSign site to review the document. To review and verify that the link is
directing you to a DocuSign site, hover over it without clicking on it (see
below). A DocuSign site link will begin with
“https://www.docusign.net/Member/EmailStart” followed by a string of characters.
The link may also include a prefix of one of our other server designations
‘na2’, ‘na3’, ‘na4’, ‘au’, ‘ca’ or ‘eu’ (e.g.
https://na2.docusign.net/Member/EmailStart).
IMPORTANT: Use caution when hovering over the link to avoid clicking on it.
HOW TO REPORT
There are two ways to report improper use of an account to DocuSign. You can do
so by using the Report this email link at the bottom of your email (Figure 1),
or by sending an email to SecurityAccountAbuse@docusign.com.
Clicking on the link takes you to our Report Abuse form where you can report
various types of abuse, including fraud/illegal activity.
Figure 1
Figure 2
Selecting “I believe this is fraudulent or contains illegal content” from the
Report Abuse form (Figure 2) and the “DocuSign may contact me to request
additional information” box, could prompt you to receive a DocuSign envelope
containing a Request for Allegation Details questionnaire from
IU_DSFraud@docusign.com. This form is used to gather critical details needed to
investigate the alleged activity, as shown below.
To report via email send to SecurityAccountAbuse@docusign.com with as much of
the following information as possible:
* Your full name and contact information
* Envelope ID or security code
* Supporting documents (attachments, screenshots, forms, etc.)
* Customer/sender name (business/individual) and email address
* Any other known customer/sender identifiers (e.g. physical address, phone
number, etc.)
* Thorough description of what happened
* Other pertinent information
DocuSign doesn't access envelope contents, even if authorized by the customer or
recipient/complainant. Supporting evidence is often necessary to assess the
severity of the violation and further substantiates the allegation details
provided.
WHAT NOT TO REPORT AS IMPROPER USE OF DOCUSIGN
Misaddressed email notifications
A misaddressed email is not a clear indication of fraudulent activity. If you
receive an envelope email notification in error, follow the Decline to sign
instructions. Gmail users, visit the Gmail Help Center for more information on
why you may be receiving wayward envelopes.
Imitation DocuSign email notification (non-customer activity)
Do not report imitation DocuSign emails including spoof or look-alike, as
improper use of DocuSign. Scammers may create look-alike email addresses/domains
(e.g., docu-sign.com, docus1gn.com, docusigh.com, etc.) in an attempt to
impersonate DocuSign emails.
Unwanted emails or excessive reminders
If you are receiving unwanted DocuSign emails,report them using the appropriate
reason selection in the Report Abuse form shown above in Figure 2.
WHAT INFORMATION IS COLLECTED AND WHY
DocuSign collects critical details about the activity to effectively investigate
and mitigate fraud on our platform. The information helps identify the account
holder, related envelope activity and serves as evidence supporting any
necessary actions, such as closing an offending account.
We request::
* Complainants full name and contact information
* Envelope ID or security code
* Envelope ID is located in the top right corner of each page in the document
(format: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)
* Attachments, screenshots, and forms
* Customer or business name and email address
* Any known identifiers not included in the envelope email (e.g. physical
address, phone number)
* Any other information you deem pertinent
TRENDS, TACTICS, ACTIVITY AND THEMES
Based on some themes our fraud team at DocuSign has observed, here are some
trends to watch out for:
* Too good to be true prices or offers
* Site unseen rentals or sales
* Tech support (pop-ups) or subscription renewal claiming affiliation to a well
known company
* Loan offer or debt relief requiring up front fees
* Sense of urgency, harassment, or threatening tactics
* Job offers from businesses with little to no public information
* Economic or hardship leveraging opportunities (e.g. pandemic, investment)
Be cautious of the following types of activity and themes:
* Impersonation of an individual, business, financial institution, government
or other organization
* Elder exploitation
* False affiliation claims
* Improper solicitation of personally identifiable information (PII). Examples
of PII include:
* SSN or other national identification number
* Date of Birth
* Bank account number
* Credit card number
* Telephone number
* Medical record number
* Phishing/malware
* Pyramid schemes
* Prolific scams (employment, investment, lending, real estate, sales, tech
support, travel, debt relief, etc.)
FOLLOW-UP REPORT
How to provide more information
To provide additional information for a previously filed complaint, send an
email to SecurityAccountAbuse@docusign.com. To ensure new information is linked
to the original report, include a mention of the original report, the Envelope
ID/security code (if known), your full name and email address.
Investigation status and updates
Our Terms & Conditions restrict us from disclosing user data. This means we do
not respond to complainants with investigation status or outcomes.
FRAUD SPECIFIC ALERTS
Phishing campaign
ADDITIONAL RESOURCES
DOCUSIGN
* Security Incidents
* How to Avoid Phishing Scams
* Law Enforcement Guidelines
* Privacy Notice
REPORT CRIMES
DocuSign will not contact law enforcement on behalf of a potential victim. If
you believe a crime was committed, report it to the appropriate authorities.
Review the links below for some larger government agencies you should report to
in addition to local law enforcement. If you are unsure, contact your local
authorities for additional guidance.
United States (US)
Internet fraud or cyber crime Internet Crime Complaint Center (IC3) Scams,
fraudulent businesses or unwanted calls Federal Trade Commission (FTC) Identity
theft (visit the Identity Theft webpage for more information) FTC ID Theft
Non-US
International scams eConsumer.gov Fraud and cyber crimes ActionFraud Financial
fraud scams (unauthorized firm or individual) Financial Conduct Authority (FCA)
PRODUCTS
* eSignature
* Contract Lifecycle Management
* Document Generation
* Contract Analytics
* All Products
PLANS & PRICING
* eSignature Plans
* Real Estate Plans
* API Plans
INDUSTRIES
* Financial Services
* Insurance
* Real Estate
* Government
* All Industries
USE CASES
* Sales
* Human Resources
* Procurement
* Legal
* All Use Cases
BUSINESS SIZE
* Enterprise
* Small Business
* Individuals
PARTNERS
* Partners Overview
* Partners Login
DEVELOPERS
* Developer Center
* API Overview
* Free Developer Account
* Open Source
SUPPORT
* Customer Success
* Get Support
* Introduction to eSignature
* Knowledge Market
* DocuSign University
* Community
RESOURCES
* Why DocuSign
* Resource Center
* Blog
* Events
* Webinars
* Customer Stories
* Legality Guide
* Trust Center
COMPANY
* About Us
* Leadership
* Careers
* Talent & Career Development
* Benefits
* Diversity & Inclusion
* Investor Relations
* News Center
* DocuSign for Forests
* DocuSign Impact
* DocuSign Momentum
* Contact Us
* Accessibility
--------------------------------------------------------------------------------
TRENDING TOPICS
* Electronically notarize agreements
* Streamline agreements with contract management software
* What is contract lifecycle management?
* Wet signatures vs electronic signatures
* How to insert signature in google docs
* How to put a signature on a word document
* What is remote online notarization?
* How to sign a pdf
* How to draft a purchase agreement
* How does online id verification work
United StatesCanada - EnglishFranceAustralia日本BrasilNederlandDeutschlandUnited
KingdomEspañaIndiaItaliaMéxicoMalaysia - EnglishPhilippines - EnglishSingapore -
EnglishTaiwan - English
FacebookTwitterYouTubeLinkedIn
* Terms of Use
* Privacy Policy
* Cookie Preferences
* Intellectual Property
* Modern Slavery Act Statement
© DocuSign, Inc. 2022
By clicking “Accept All Cookies”, you agree to the storing of cookies on your
device to enhance site navigation, analyze site usage, and assist in our
marketing efforts.
Cookies Settings Accept All Cookies
PRIVACY PREFERENCE CENTER
When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
More information
Allow All
MANAGE CONSENT PREFERENCES
STRICTLY NECESSARY COOKIES
Always Active
These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to
block or alert you about these cookies, but some parts of the site will not then
work. These cookies do not store any personally identifiable information.
FUNCTIONAL COOKIES
Functional Cookies
These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then
some or all of these services may not function properly.
PERFORMANCE COOKIES
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.
TARGETING COOKIES
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.
Back Button
PERFORMANCE COOKIES
Search Icon
Filter Icon
Clear
checkbox label label
Apply Cancel
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
Confirm My Choices