Alerts and updates
Subscribe using the DocuSign Trust Center Alerts RSS feed URL: https://www.docusign.com/trust/alerts/feed.
Add an RSS reader extension to your browser (Chrome, Firefox), or enable via Outlook on a PC.
-
08/06/2018
DocuSign has observed a new phishing campaign that began the morning of August 6th (Pacific Time). The email purports to come from DocuSign using the email addresses docusign@pehache.com The emails all have the subject:
"You received invoice from DocuSign Electronic Signature Service"
These emails contain a malicious Word document. These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB).
-
07/19/2018
DocuSign has observed a new phishing campaign that began the morning of July 19th (Pacific Time). The email purports to come from DocuSign using the email addresses delivery@docusign-email.com The emails all have the subject:
"ADP sent you a new document to sign"
These emails contain a malicious Word document as an attachment, ADP-Document-3810922.doc. These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB).
-
07/16/2018
DocuSign has observed a new phishing campaign that began the morning of July 16th, 2018 (Pacific Time). The email purports to come from "DocuSign Signature and Invoice Service" (or similar) using the email address docusign@frontierincentives.com. The emails all have the subjects:
"You received / got invoice from DocuSign Signature Service / DocuSign Electronic Signature Service / DocuSign Service"
These emails contain links to a malicious Word document. This emails are not sent from DocuSign. Do not click the links in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB).
-
07/10/2018
DocuSign has observed a new phishing campaign that began the morning of July 10th (Pacific Time). The email purports to come from DocuSign using the email addresses noreply@docusign.delivery. The emails all have the subject:
"You have a new document to review and sign"
These emails contain a malicious Word document as an attachment, 3873JDSB987391.doc. These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
07/10/2018
DocuSign has observed a new phishing campaign that began the morning of July 10th (Pacific Time). The email purports to come from DocuSign using the email addresses noreply@docusign.delivery. The emails all have the subject:
"You have a new document to review and sign"
These emails contain a malicious Word document as an attachment, 3873JDSB987391.doc. These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
06/05/2018
DocuSign has observed a new phishing campaign that began the morning of June 5th, 2018 (Pacific Time). The email purports to come from "DocuSign Electronic Signature and Invoice Service" using the email address docusign@texasliquorlicense.com . The emails all have the subjects:
You received / got invoice from DocuSign Signature Service / DocuSign Electronic Signature Service / DocuSign Service
These emails contain links to a malicious Word document. This emails are not sent from DocuSign. Do not click the links in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
05/08/2018
DocuSign has observed a new phishing campaign that began the morning of May 8th, 2018 (Pacific Time). The email purports to come from "DocuSign Electronic Signature and Invoice Service" using the email address docusign@steelecreeksouth.com. The emails all have the subjects:
You received / got invoice from DocuSign Signature Service / DocuSign Electronic Signature Service / DocuSign Service
These emails contain links to a malicious Word document. This emails are not sent from DocuSign. Do not click the links in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
04/27/2018
DocuSign will end TLSv1.0 support in our demo environment effective May 29, 2018. This will help customers plan and test for the end of TLSv1.0 support in our production environment, scheduled for June 25, 2018.
This action will give customers time to update their integrations before our production environment ends support for TLSv1.0 on June 25, 2018.
DocuSign’s end of support dates for TLSv1.0 are as follows:
Environment TLSv1.0 Deprecation Date Demo May 29, 2018 Production June 25, 2018 For more information about TLSv1.0 deprecation, including instructions for testing and updating your browsers, please visit the DocuSign Support article here.
-
04/27/2018
To remain PCI DSS compliant after June 30, 2018, all inbound and outbound DocuSign requests are required to deprecate TLS v1.0 connections along with legacy ciphers as noted in our original end of support notice.
DocuSign Connect listeners that work only with TLS v1.0 will no longer function after DocuSign’s TLSv1.0 deprecation scheduled for June 25, 2018, in our production environment and May 29, 2018, in our demo environment.
For customers using DocuSign Connect listeners, integration owners should ensure that those listeners can work with TLSv1.1 or higher to avoid any service interruptions after TLSv1.0 support ends.
For more information about DocuSign Connect, please visit the DocuSign Connect Guide here.
-
04/27/2018
DocuSign has observed a new phishing campaign that began the morning of April 27th (Pacific Time). The email purports to come from DocuSign using the email addresses noreply@docusign.delivery. The emails all have the subject:
"You have received a secure document via Docusign"
These emails contain a malicious Word document as an attachment, 3873JDSB987391.doc. These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
04/06/2018
To ensure smooth DocuSign support deprecation for TLSv1.0, we have changed the effective date for this change. DocuSign will end TLSv1.0 support effective June 25, 2018. Please refer to the original end of support notice for further details.
Visit DocuSign’s System Requirements page for information about browsers supported by DocuSign. These browsers will continue to work after the change.
-
03/22/2018
DocuSign has observed a new phishing campaign that began the morning of March 22nd, 2018 (Pacific Time). The email purports to come from DocuSign using the email addresses no-reply@docusignmail.com and no-reply@docusignemail.com. The emails all have the subject:
"You have received a secure document"
These emails contain a malicious Word document as an attachment, 9S659EHDCSI72649DS.doc.These emails are not sent from DocuSign. Do not open the attachment in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.
For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)