Alert: October 23, 2019, 8:30 AM Pacific Time - New Phishing Campaign Observed Today

DocuSign has observed a new phishing campaign that began around 8:30 AM on the morning of October 23(Pacific Time). The email purports to come from "DocuSign Electronic Signature” or similar using the email address "docusign@2onthetown.com” The emails have the subject line similar to:

"You got notification from DocuSign Signature Service “

These emails contain and it contains a .zip attachment with a malicious .vbs file. These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

For more information on how to spot phishing please see our Combating Phishing white paper (3.3 MB)