Security News > 2020 > May > Phishing emails caught exploiting DocuSign and COVID-19
Phishing emails typically try to ensnare their victims by impersonating well-known companies, brands, products, and other items used by a lot of people.
The phishing email itself tries to look legitimate by copying the content and images of real emails from DocuSign.
The URL for the phishing site is hidden in the body text of the email through a SendGrid link.
The email actually contains several embedded links, some of which lead to authentic DocuSign web pages to give it greater legitimacy.
In the end, the page that comes up is a malicious one trying to capture DocuSign credentials as well as business email addresses.
News URL
Related news
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)