Alerts and updates
Subscribe using the DocuSign Trust Center Alerts RSS feed URL: https://www.docusign.com/trust/alerts/feed.
Add an RSS reader extension to your browser (Chrome, Firefox), or enable via Outlook on a PC.
-
10/22/2019
DocuSign has observed a new phishing campaign that began around 09:30 AM on the morning of October 22 (Pacific Time). The email purports to come from "DocuSign Electronic Signature” or similar using the email address "docusign@thecanvasroom.ca” The email messages have the subject line similar to:
"You received invoice from DocuSign Signature Service“
These email messages contain a link to a malicious script. These email messages are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.
For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
10/10/2019
DocuSign has observed a new phishing campaign that began around 08:00 AM on the morning of October 10 (Pacific Time). The email purports to come from "DocuSign Electronic Signature” or similar using the email address "docusign@testyourtestosterone.com” The emails have the subject line similar to:
"You got notification from DocuSign Signature Service “
These emails contain a link to a malicious script. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.
For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
10/08/2019
DocuSign has observed a new phishing campaign that began around 09:00 AM on the morning of October 08 (Pacific Time). The email purports to come from "DocuSign Signature” or similar using the email address "docusign@blisscommunities[.]net” The emails have the subject line similar to:
"You got invoice from DocuSign Electronic Signature Service"
These emails contain a link to an archive containing a malicious word document. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.
For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
10/03/2019
DocuSign has observed a new phishing campaign that began around 09:00 AM on the morning of October 03, 2019 (Pacific Time). The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@amelianeukum.com" The emails have the subject line similar to:
"You got invoice from DocuSign Electronic Service “
These emails contain a malicious macro enabled word document. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.
For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
09/25/2019
On September 28, 2019 the Support Center will be undergoing extensive maintenance from 6:00 am PDT – 9:00 pm PDT.
The following functionality will be inaccessible:
- Online case submission and management
- Click to Call
- Chat
- Community
- Search
- Knowledge Content (articles, guides and videos)
For Support, please call 1-866-219-4318.
-
08/19/2019
On August 13th, 2019 Microsoft released a fix for a remote code execution vulnerability (CVE-2019-1222, CVE-2019-1226, CVE-2019-1181, CVE-2019-1182) residing in Remote Desktop Services and affecting all versions of Windows including Server.
In keeping with our security best practices, we would like to assure customers that all impacted roles are immediately patched.
-
07/18/2019
DocuSign has observed a new phishing campaign that began around 08:00 on the morning of July 18th (Pacific Time).. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign @ ggarvey.net" The emails have the subject line similar to:
"You received notification from DocuSign Service“
These emails contain and it contains a .zip attachment with a malicious .vbs file. This is a change in tactics. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.
For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
07/02/2019
DocuSign has observed a new phishing campaign that began around 10:00 on the morning of July 2nd (Pacific Time).. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@innersighttherapy.com" The emails have the subject line similar to:
"You received notification from DocuSign Service“
These emails contain links to a malicious website that will download malicious executable to your computer. This is a change in tactics. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.
For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)
-
06/28/2019
Starting at 10 AM EST June 27, 2019 DocuSign sent email communication to customers who have DocuSign accounts that are using our current Connect x.509 certificate.
This email message was sent to inform account admins and IT contacts that we are renewing the certificate on the schedule that can be found here.
This email message was erroneously sent to all account users who are using our current x.509 certificate. We apologize for any confusion this has caused. If you are not the DocuSign account admin or IT contact please disregard that communication. -
06/24/2019
All DocuSign Connect x.509 certificates for Demo, NA1, NA2, NA3, EU, CA and AU have been re-issued and will be renewed between September and November 2019. After the change-over dates, only the renewed (new) certificates will be available for DocuSign Connect. The renewal schedule and new certificates have been posted here: https://www.docusign.com/trust/compliance/public-certificates
-
06/11/2019
DocuSign has engaged a new service-specific subprocessor, Google LLC, to deliver an optional product feature within the DocuSign Signature service. This subprocessor will only be used if you choose to enable or purchase the optional product feature for auto-tagging.
Please review the details of this subprocessor, DocuSign’s commitments under our BCR-P Privacy Code, and your options for objecting to the subprocessor here: https://www.docusign.com/trust/privacy/subprocessors-list
-
05/23/2019
DocuSign has observed a new phishing campaign that began around 8:00 on the morning of May 23rd (Pacific Time).. The email purports to come from "DocuSign Electronic Signature and Invoice Service” or similar using the email address "docusign@carenethouston.org" The emails have the subject line similar to:
"You received notification from DocuSign Service“
These emails contain links to a malicious Microsoft Office document which, if run, will download malware to your computer. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.
For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)