Security News > 2020 > May > Phishing emails caught exploiting DocuSign and COVID-19
Phishing emails typically try to ensnare their victims by impersonating well-known companies, brands, products, and other items used by a lot of people.
The phishing email itself tries to look legitimate by copying the content and images of real emails from DocuSign.
The URL for the phishing site is hidden in the body text of the email through a SendGrid link.
The email actually contains several embedded links, some of which lead to authentic DocuSign web pages to give it greater legitimacy.
In the end, the page that comes up is a malicious one trying to capture DocuSign credentials as well as business email addresses.