“Message Sent Using DocuSign Service” Email Scam Explained
Written by: Thomas Orsolya
Published on:
Have you received an email claiming a document is waiting for your “electronic signature” on DocuSign? Maybe the subject line said you have a new document or contract to review and sign digitally.
While it may look legitimate, this “DocuSign” phishing scam aims to steal your login credentials and personal information.
In this comprehensive guide, we’ll explain everything you need to know about the “Message Sent Using DocuSign Service” email phishing scam.
This article contains:
Overview of the DocuSign Phishing Scam
The “Message Sent Using DocuSign Service” is a crafty phishing scam that pretends to be from the legit electronic signature company, DocuSign.
Phishing scams use email or websites masked as trustworthy entities to trick users into giving up sensitive data like passwords and credit card numbers.
This DocuSign scam email looks convincing since it uses corporate branding and a professional format. The subject line normally says something like:
(1 New) DocuSign Electronic Signature
Urgent: DocuSign Document Ready for Signature
Contract Update: DocuSign Account Action Required
Here’s an example of what the scam email body says:
This message was sent to you using the DocuSign Service.
Do Not Share This Email This email contains a secure link to DocuSign. Please do not share this email, link, or access code with others.
REVIEW DOCUMENTS
Download the DocuSign App
This message was sent to you using the DocuSign Electronic Signature Service.
The email tries to create a sense of urgency and importance around “reviewing documents” on DocuSign.
Some even threaten account suspension if you don’t log in, which scares victims into acting rashly.
If you click on the “REVIEW DOCUMENTS” or “CONTINUE” button, you’ll be taken to a fake DocuSign login page hosted on a phishing site.
When you enter your email and password here, the scammers capture your credentials. The phishing site looks identical to the real DocuSign site to trick you into entering details.
From here, the attackers gain access to your account and can:
Access private documents and files in your email
Send more phishing emails to your contacts
Access bank accounts, credit cards, or other financial platforms if you reuse passwords
Steal your identity or commit fraud using your credentials
This scam is often used to distribute malware that can lock you out of your device and files.
Next, we’ll explore exactly how the DocuSign phishing scam works to lure victims in and steal sensitive information.
How the DocuSign “Electronic Signature” Phishing Scam Works
The DocuSign phishing scam is intricately designed to manipulate users into handing over login credentials and personal data.
Here’s a step-by-step walkthrough of how the fraudsters operate:
1. You Receive an Email Claiming to be From DocuSign
You’ll get an email using corporate DocuSign branding and logos in the header. The sender email is spoofed to look like it’s from @docusign.com.
As covered earlier, the subject line normally says something like:
(1) New DocuSign Signature Request
Action Required: DocuSign Account Review
Urgent: Contract Document Requires Signature
This gives the impression there’s an urgent document that needs your digital signature on the real DocuSign platform.
2. Scam Email Body Urges You to “Review” or “Sign” Documents
The body copy reinforces the urgency around signing into your DocuSign account. Here’s some typical wording:
This message was sent to you using the DocuSign Electronic Signature Service. Please login to review and sign your documents.
Per our records, you have 1 new document requiring your immediate attention. Sign in to your DocuSign account to review and electronically sign these documents.
Urgent Notice: Your DocuSign account needs attention. Login now to avoid any interruption in service.
The bold call-to-actions like “Sign in” or “Review Documents” add legitimacy so you’re more likely click without thinking.
3. “DocuSign” Button Links to a Fake Phishing Login Page
When you click buttons like “CONTINUE,” “REVIEW DOCUMENTS,” or “SIGN IN,” you’re taken to a phishing site instead of the real DocuSign site.
The URL often looks convincing with intense random strings like:
The site is designed to precisely mimic the real DocuSign login page, down to the graphics, branding, and web design. This fools victims into believing it’s the legitimate site.
![Fake DocuSign Login Page][]
4. You Attempt to Login With Your Email and Password
Without realizing you’re on a phishing site, you then enter your email address and password in the login fields. ![Entering login details on phishing site][]
You might assume this extra login step is just DocuSign taking precautions before the document review. But in reality, you’re giving your credentials directly to scammers.
5. Attackers Steal Your Email Login and Other Personal Information
Once submitted, your email address and password are captured by the phishing site and attackers. They now have direct access to your email account.
From here, the scammers can:
Access private documents and files stored in your email inbox
Impersonate you by sending emails from your account
Access connected accounts if you reuse passwords
Access financial platforms or bank accounts linked to that email
Steal your identity, commit fraud, or sell your information
The scammers can also distribute malware, trigger downloads to lock you out of your device, or hold your computer hostage for ransom.
Some phishing sites will ask for more personal information beyond your email and password, such as:
Full name
Phone number
Home address
Credit card number
Driver’s license details
With this information, criminals can easily steal identities, commit financial fraud, or sell data to other parties.
What To Do If You Fell For the DocuSign Email Scam
If you submitted your details on the phishing site, here are important steps to take right away:
1. Change Your Email Password and Enable Two-Factor Authentication
As soon as possible, log into your legitimate email account and change your password. Make sure it’s unique and complex.
Also set up two-factor authentication using an authenticator app or mobile number for an extra layer of security.
This prevents the scammers from accessing your email with an old password.
2. Scan Your Computer for Malware, Adware, and Viruses
The phishing site may have downloaded malware or viruses onto your device. Scan your computer with Malwarebytes to detect and remove anything suspicious.
Also check browser extensions and remove anything you don’t remember installing.
If you reuse passwords across accounts, start changing them immediately.
Notify your bank, credit card companies, employer, or anywhere sensitive if the compromised email is associated with them.
Monitor statements closely for fraudulent activity. Consider freezing credit reports to be safe.
4. Beware of Any Emails From Your Compromised Account
Attackers may now send emails from your account to personal contacts or colleagues containing more phishing links or malware attachments.
Warn them not to open anything from your email. Send test emails from a different account if needed.
5. Watch For Identity Theft and Fraud
Keep an eye out for any suspicious activity indicating stolen identity, such as:
Credit cards or accounts opened in your name
Debt collection calls for accounts you don’t own
Medical bills for treatment you didn’t receive
Payroll/tax issues indicating job changes you didn’t make
Place fraud alerts and monitor your credit reports as precautions.
Is Your Device Infected? Check for Malware
If your device is running slowly or acting suspicious, it may be infected with malware. Malwarebytes Anti-Malware Free is a great option for scanning your device and detecting potential malware or viruses. The free version can efficiently check for and remove many common infections.
Malwarebytes can run on Windows, Mac, and Android devices. Depending on which operating system is installed on the device you’re trying to run a Malwarebytes scan, please click on the tab below and follow the displayed steps.
Malwarebytes For WindowsMalwarebytes For MacMalwarebytes For Android
Scan your computer with Malwarebytes for Windows to remove malware
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes for Windows
You can download Malwarebytes by clicking the link below.
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Your computer should now be free of trojans, adware, browser hijackers, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Scan your computer with Malwarebytes for Mac to remove malware
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
Your Mac should now be free of adware, browser hijackers, and other malware.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Scan your phone with Malwarebytes for Android to remove malware
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
Your phone should now be free of adware, browser hijackers, and other malware.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
Tips to Avoid Falling For the DocuSign Phishing Scam
Here are some tips to avoid becoming a victim of the “DocuSign email” scam going forward:
Look for Red Flags in the Sender Details
Carefully inspect the sender’s email address and name. Phishing emails may show:
Misspellings (docusign.co instead of .com)
Odd domains and addresses
Reply-to addresses from free email providers
Unofficial addresses like support@docusigndocuments.com should raise alarms.
Verify the Login URL
Before entering any information, double check that the URL matches DocuSign exactly:
https://www.docusign.com/
Official URL starts with docusign.com
Scrutinize any redirection links carefully. Unusual or excessively long URLs are red flags.
Look for Poor Grammar, Spelling, and Formatting
Phishing emails tend to contain typos, awkward phrasing, and other linguistic mistakes. Notice if:
Words are misspelled
Sentences sound unnatural
Branding/graphics look off
Official DocuSign emails will be professionally polished without errors.
Don’t Click Links in Unexpected Emails
Avoid clicking on any embedded links if you receive a surprise DocuSign email out of the blue. Even if it looks legitimate, manually navigate to the site to log in.
Verify the email first by contacting the alleged sender directly.
Use Caution When Asked to Verify Personal Information
DocuSign will rarely ask you to enter personal details like credit cards or government ID numbers to access documents.
Any urgent demands for sensitive information through email could be a scam attempt. Proceed with extreme caution.
DocuSign Emails Must Be Digitally Signed
Legitimate DocuSign emails contain visible digital signatures with “Signed by DocuSign” wording. Phishing emails lack this signature stamp of authenticity.
![DocuSign Digital Signature][]
Enable Login Notifications
Turn on DocuSign login notifications so you’re alerted whenever someone accesses your account. This lets you catch unauthorized logins immediately.
Frequently Asked Questions About the DocuSign Phishing Scam
1. How can I tell if a DocuSign email is legitimate or a scam?
Carefully inspect the sender’s email address and name for inaccuracies. Phishing emails often contain misspellings, odd domains, or reply-to addresses from free providers. Verify the URL matches DocuSign’s official site docusign.com and check for digital signatures on all DocuSign emails.
2. What happens if I click the link in a DocuSign phishing email?
The links in scam DocuSign emails redirect to a fake login page designed to steal your credentials. If you enter any login details, attackers gain full access to your accounts.
3. What should I do if I entered my login information on a DocuSign phishing site?
Immediately change your password and enable two-factor authentication. Scan devices for malware, monitor accounts for fraud, and beware of additional phishing attempts from your compromised email.
4. How can I avoid falling for the DocuSign email phishing scam?
Carefully verify sender addresses, URLs, and content in any emails asking you to login. Manually navigate to docusign.com to enter credentials. Enable login notifications and use unique passwords to minimize risk.
5. Why do phishing scammers target DocuSign users?
DocuSign’s popularity for e-signatures makes it a prime target. Scammers bank on users having sensitive documents, payment info, and other valuable data in accounts they can access.
6. Can phishing scammers really replicate the DocuSign login page and emails?
Yes, phishing sites and emails are designed to precisely mimic the DocuSign branding, graphics, and content. This fools victims into believing they are on the legitimate website.
7. Is it ever truly safe to click links or download attachments from emails?
No, it is never guaranteed safe. Always manually navigate to sites and verify senders before clicking email links or attachments, no matter how legitimate they appear.
8. How can I report a suspected DocuSign phishing email?
Forward scam emails to spam@docusign.com. You can also report phishing sites to Google Safe Browsing and the Anti-Phishing Working Group.
9. What information do DocuSign phishing scams aim to steal from users?
These scams mainly target email login credentials to access other accounts. But they can also steal names, addresses, credit cards, files, and any other sensitive personal data.
10. Could my device get hacked by clicking on links in a phishing email?
Yes, phishing sites often contain malware payloads that install on devices when clicked, allowing remote access for attackers to steal data and spy.
The Bottom Line
The “DocuSign email” phishing scam tricks countless people into surrendering email passwords and personal information daily.
These fraudulent emails pose as DocuSign, claiming you need to urgently sign or review a document. Buttons redirect to a fake login page designed to steal credentials.
If you receive a suspicious DocuSign email, carefully inspect the sender details, URLs, and content for red flags. Avoid blindly clicking on links or submitting sensitive information.
Change passwords and enable two-factor authentication if you shared details through a phishing site. Monitor accounts closely for fraudulent activity and be wary of follow-up phishing attempts.
Staying vigilant is key to protecting yourself from this scam. Arm yourself with knowledge of common phishing techniques used in the deceptive “DocuSign email” scheme and others like it.
How to Stay Safe Online
Here are 10 basic security tips to help you avoid malware and protect your device:
Use a good antivirus and keep it up-to-date.
It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.
Keep software and operating systems up-to-date.
Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.
Be careful when installing programs and apps.
Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."
Install an ad blocker.
Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.
Be careful what you download.
A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.
Be alert for people trying to trick you.
Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.
Back up your data.
Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.
Choose strong passwords.
Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.
Be careful where you click.
Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.
Don't use pirated software.
Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.
To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.
Leave a Comment
Meet Thomas Orsolya
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
