Example Case Incident:
The email you received is a DocuSign phishing scam, a common type of fraudulent email designed to trick recipients into clicking malicious links or downloading harmful attachments. These emails are often disguised as legitimate communications from services like DocuSign, Dropbox, and similar platforms. This particular phishing attempt is trying to deceive you into interacting with a link labeled “VIEW COMPLETED DOCUMENTS,” which can lead to harmful consequences, such as the theft of personal information or installation of malware.
What to Do If You Receive a Phishing Email:
-
Do not click any links or open attachments.
- Phishing emails often use urgent or enticing subject lines and requests to get you to click on links that lead to malicious websites.
-
Forward the email to DocuSign’s official reporting address:
- Email to: spam@docusign.com
- This helps DocuSign monitor phishing attempts and protects other users.
-
Delete the email from your inbox.
- After reporting, remove the email to prevent any accidental clicks in the future.
How Email Protection Works:
Our email hosting service includes Email Protection Standard, which provides an additional layer of security. For this specific phishing email:
- The link contained within the email was automatically modified by our email protection system to begin with: https://url.emailprotection.link/.
- This modification is designed to protect you by redirecting potentially harmful links to a safe warning page before you can access the actual content.
We tested the link on a secure virtual machine, and our email protection system triggered a security warning. Below is an example of what the warning screen would have looked like had you clicked on the link.
Best Practices for Identifying and Handling Suspicious Emails:
As a general rule, if you receive an unexpected email with links, especially from services like DocuSign or Dropbox, and you don’t have a prior relationship with the sender, it’s safest to delete the message. If the email is legitimate and important, the sender will typically follow up through another method, such as a separate email, phone call, or text message.
Related Security Information:
For further details on how to handle phishing incidents, refer to DocuSign’s official security page:
DocuSign Trust Security Incident Reporting
Additionally, here’s a summary of the important security practices from ServerData's support article:
- Email Protection: ServerData provides a security feature called “Email Protection Standard,” which intercepts malicious links in emails and protects users by rerouting them to safe URLs.
- Scam Email Handling: If you receive suspicious emails, it's advised to verify the sender’s address and look for signs of irregularities, such as misspellings or generic greetings (e.g., "Dear Customer").
- Phishing Reporting: Always report phishing attempts to the company involved and delete any harmful emails from your inbox to prevent accidental clicks.
For more details, refer to ServerData's full support article here:
ServerData Phishing Protection Guide
By following these guidelines and leveraging built-in email protections, you can significantly reduce your risk of falling victim to phishing scams. Stay vigilant, and always take a moment to verify suspicious communications.
Our Email Protection Plans
We offer multiple tiers of email protection, each designed to meet different needs based on the level of security required. Below image is a breakdown of the features of each plan to help you understand what each offers, and how the standard plan compares with the premium plan you can upgrade to.
If you are on the standard plan, you are well-protected with a strong security foundation. However, if your business or individual needs require even more comprehensive protection, you may want to consider upgrading to the Premium Plan.
To learn more about upgrading, please contact our support team support@37solutions.com to initiate the upgrade process.
Comments
0 comments
Article is closed for comments.