Phishing Alert: Government Impersonation Attacks Surge via DocuSign

DocuSign phishing attacks
North Carolina Licensing Board for General Contractors DocuSign Impersonation | Image: SlashNext

Cybercriminals are leveraging the trusted reputation of government agencies to deceive businesses, with DocuSign phishing attacks on the rise.

A new wave of phishing attacks is targeting businesses that frequently interact with government agencies, according to a report from SlashNext. These attacks exploit the trust that businesses place in government communications, using DocuSign phishing lures to deliver malicious payloads.

How the Attacks Work

The attackers impersonate various government entities, such as the Department of Health and Human Services, the Maryland Department of Transportation, and the North Carolina Licensing Board for General Contractors. They use DocuSign to send seemingly legitimate documents, such as licensing renewal notices, compliance documentation requests, and contract modifications.

These documents often contain urgent requests for action, such as signing a change order or providing an emergency compliance bond. The attackers use this sense of urgency to pressure businesses into acting quickly without verifying the authenticity of the request.

Why These Attacks Are Successful

These attacks are particularly effective because they use legitimate DocuSign infrastructure, making them appear authentic. They also target businesses during predictable licensing cycles and include accurate pricing and terminology familiar to the industry.

Protecting Your Business

Businesses need to be vigilant against these attacks. Here are some key recommendations:

  • Verify the sender: Always verify the sender of any DocuSign request before taking any action.
  • Be wary of urgent requests: Be especially cautious of requests that demand immediate action.
  • Check for red flags: Look for red flags, such as unexpected timing for license renewals, unusual payment routing instructions, and documentation requirements outside normal renewal periods.

By being aware of these threats and taking steps to protect themselves, businesses can reduce their risk of falling victim to these attacks.

Related Posts: