Managed Services

February 22, 2024

How to Spot and Avoid a DocuSign Phishing Email

How to Spot and Avoid a DocuSign Phishing Email

We’ve said it before and we’ll say it again: cyber threats are constant. One of the most common are phishing scams, which have become a lot more sophisticated over the years, making it challenging to separate the legitimate emails from the scams. A recent report surveying 500 cyber security professionals shows that 94% of organizations were affected by a phishing attack. We’ve noticed a recent rise in DocuSign phishing emails, with weekly tickets from concerned clients asking about what to do if you fall for a phishing scam. So, it’s time to get proactive and discuss practical strategies for identifying and avoiding a deceptive DocuSign phishing email to safeguard one of your most valuable (and invaluable) assets: your data.

Side-Eye Your Emails with Skepticism

What’s the best way to avoid being caught or tricked by a phishing email scams? A healthy and strong level of skepticism. That said, we have to admit that the common DocuSign phishing email seems to be slipping past even the most vigilant person’s skepticism and initial defenses.

So, you need to back up that skepticism by asking some simple questions:

  • Are you actually expecting the email from DocuSign from that person?
  • Are you expecting to sign a document today?

If not, then reach out to the person mentioned in the email directly through your normal contact methods (not by replying to the email!).

Spotting the Signs: A Checklist for DocuSign Emails

Maybe you’re someone who signs a lot of documents or you are expecting a DocuSign email. Your skepticism needs to be backed up with a thorough process if you don’t want to be part of the problem. After all, most data theft and damage isn’t done by elaborate hackers through your company’s mainframe. In fact, as our friends at KnowBe4 reported, 33% of employees across all industries are prone to phishing scams. That means that without proper defenses or training on what to look for, there’s a big gap in your cyber security armor. So, we’ve put together a checklist of what to look for in a DocuSign phishing email specifically to make sure you only click on the real ones:

  1. Name Accuracy
    Traditional phishing emails have usual signs that set off our skepticism: poor grammar, strange email addresses, random layouts, the name is your email address instead of your actual name (i.e. – “Hi jsmith” or “Hi John Smith” when no one uses full names), etc. With the DocuSign scam, we have to be more careful because the template is exactly the same as what DocuSign uses, the grammar is excellent, and it usually has your correct name (i.e. “Hi John,”).
  2. Email Domain
    The URL of the email will be not quite right. Subtle variations or misspellings in the domain name are common tactics used by cybercriminals to deceive recipients. Even if it’s off by one letter, like “” or “” for example, that’s not All authentic emails actually from DocuSign will come from and no other URL.
  3. Sender Verification & File Name
    Going back to that first simple question above, did this email come from who you expect it to and does the file name seem appropriate? If you don’t recognize the person or file name, check with your contacts — maybe it’s a new team member, but maybe it’s not. If the sender’s identity or the relevance of the attached file seems dicey, avoid clicking any links or opening attachments. Instead, show it to trusted colleagues or ask your IT team to verify the legitimacy of the email.

If ANY of these 3 items are not right, then that’s the threshold for skepticism.

Best Practices for Dealing with Phishing Scams

In general, don’t open links you’re not expecting or don’t know. It’s okay to receive and even open the email to look at it. That’s totally fine; you’ll have nothing to worry about. Again, just do not click on any link or open any attachment — notify IT instead. You can forward the email to IT but the ideal scenario is to keep your hands off the email. Instead, send a separate email to IT telling them what you’ve received. That might seem a little overcautious but you never know what might be attached. IT can then look at the email details and determine if it’s legitimate. That said, if you’ve gotten to the end of this paragraph and are like, “Well, dang, I’ve already clicked on a link,” don’t worry, we have you covered with the instructions in our blog on what to do if you clicked on a phishing scam.

“The better part of valor is discretion,” so said Falstaff in Shakespeare’s Henry IV (though he was probably not talking about cyber security). Still, the quote fits as exercising caution when encountering unfamiliar or unexpected emails (especially those containing links or attachments), can save you stress, and potentially save your company’s finances and reputation. While it may be tempting to click on a seemingly harmless link, err on the side of caution and resist. Vigilance and proactive measures are essential in combating this rise in DocuSign phishing email scams and safeguarding against cyber threats. We’ve given you the tools to help you stay one step ahead of cybercriminals and protect yourself and your organization from falling victim to phishing attacks – and we have plenty more available if you reach out to our IT and cyber security experts.

Business insights and resources

How & Why to Make Sure Your Login Credentials Aren't a Security Weakness

How & Why to Make Sure Your Login Credentials Aren’t a Security Weakness

How to Spot and Avoid a DocuSign Phishing Email

How to Spot and Avoid a DocuSign Phishing Email

cyber security insurance requirements

Cyber Security Insurance Requirements: What Providers Might Ask You For

Ready to optimize?