ADVERTISEMENT

Fraudulent DocuSign email seeks to steal credentials

Nearly unstoppable phishing sites are tricking victims into giving access to their corporate networks.

phishing scammers

Image by Cybernews

Paulina Okunytė
Paulina Okunytė Senior Journalist
Mar 10, 2025 2 min read
phishing email
A phishing email disguised as a DocuSign message. Source: Malwarebytes
ADVERTISEMENT
authentication form
A phishing site hosted on IPFS and the branded phishing site login page. Source: Malwarebytes
Ernestas Naprys Gintaras Radauskas vilius Paulina Okunyte
Don’t miss our latest stories on Google News
Add us as your Preferred Source on Google.

How to stay safe from phishing attacks?

  • Do not engage. First and foremost, do not interact with the content. Do not click on any links, do not download attachments, and do not reply to the message.
  • Report the phishing attempt to your email provider. Most email services have a Report Phishing option. Many companies also have dedicated channels for reporting phishing attempts that impersonate them.
  • Notify your supervisor. Depending on the organization's policies, if you have received a phishing attempt on one of your workplace channels, you should inform your supervisor or a relevant department (such as IT) so they are aware of potential threats and can assist you in following proper protocols.
  • For phishing attempts using QR codes, report them to the impersonated company and avoid scanning unverified codes. Notify your IT department if it’s encountered in the workplace.
  • Report smishing attempts to your mobile carrier. Some countries also have dedicated hotlines or online services for reporting SMS-based scams.
  • For phone call scams, you can report the number to your phone service provider and, if applicable, to local authorities or consumer protection organizations.
  • If you suspect your information may have been compromised, change your passwords immediately. This is especially critical for accounts with the same password and username/email combination.
  • Check your financial statements and accounts for unauthorized activity.
  • If the phishing attempt involved any financial accounts or there’s a possibility that your financial information was compromised, contact your bank or credit card company to alert them. They can monitor your accounts for suspicious activity and, if necessary, put additional security measures in place.
ADVERTISEMENT