Dark Reading

Docusign API Abused in Widescale, Novel Invoice Attack

Cybercriminals are abusing a Docusign API in a widescale, innovative phishing campaign to send fake invoices to corporate users that appear authentic and likely would not trigger typical security ...
Bleeping Computer

DocuSign's Envelopes API abused to send realistic fake invoices

Threat actors are abusing DocuSign's Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. Using a legitimate service, ...
Security Boulevard

Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale

In a concerning trend, cybercriminals are leveraging DocuSign’s APIs to send fake invoices that appear strikingly authentic. Unlike traditional phishing scams that rely on deceptively crafted emails ...
theregister

Criminals open DocuSign's Envelope API to make BEC special delivery

Business email compromise scammers are trying to up their success rate by using a DocuSign API. The Envelope: create API is designed to let users of the legal signing product automate and speed up ...