DocuSign phishing attacks are the scams of the week!
In a recent talk, DocuSign disclosed that they have been the victim of a data breach, after which phishing email attacks were done at them with the help of Docusign information.
They disclosed that the data breach was done on 9, 15 and 17 of this May. In this case, DocuSign customers were extensively aimed with those phishing campaigns.
In response to those phishing emails, DocuSign informed and made their customers aware of the phishing attacks. They advised to use the filter on their email or delete any email with the subject of a specific kind. They give the full list of the lines in the subject that you should not open.
These campaigns have docx extension and it tricks the Microsoft Word’s workstation to download the malware on your system. They have warned the users further that there can be more phishing emails in the future.
Also Read: Phishing Malware
They have rolled out the advisory that some criminals have stolen the email addresses from their customer email base. These criminals are sending emails that look similar to the one sent by DocuSign emails. But all they want the user to trick them into an opening and editing the Microsoft Word. If you let yourself do the thing they want you to do, then the malware will be installed on your computer. In case you get an email that looks like DocuSign and you have the attachment in that email, then be vigilant in opening the email.
Entertainment files are becoming new targets!
There was a movie James Bond Goldfinger based on Ian Fleming’s seventh novel. There was a quote in that movie: “Once is happenstance. Twice is the coincidence. The third time is enemy action.”
It was noted that attackers used such spoofs to look like the executive of Interscope Records. Interscope Records is the record label owned by Universal Music Group.
This criminal aimed at two small music label companies namely September Management and Cherrytree Music Co. They faked to send sound engineers of these companies the stem files of the Lady Gaga recording. Stem files are those files in which the sound engineer do the remixing and recording and remastering.
They figured it out that they might attack the small companies by faking themselves to be a high profile person. It was most likely that the smaller label companies did not have the same security at all.
It was the last month only that the criminals leaked the latest episodes of “Orange is the new black” after the hackers broke into the computers of Larson Studios. Larson Studios is the post production partner of Netflix. They were unsuccessful in extorting Netflix. Hollywood studios made it clear that they would not be paying a ransom fee at all.
They made a decision by calculating the revenue lost and the revenue demanded by the frauds. These such decisions are becoming a huge loss to the company if you are not aware of the hackers. So, it is better to be aware. It is always better to be late that sorry. Try your employees to get educated against these hackers and cyber criminals.
Julia Sowells700 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.