close
close

Association-anemone

Bite-sized brilliance in every update

DocuSign Envelopes API was hijacked to send fake invoices
asane

DocuSign Envelopes API was hijacked to send fake invoices


  • Hackers have discovered that they are abusing DocuSign to send phishing emails
  • The signed documents are used to request payment
  • DocuSign says it has implemented additional safeguards

Cybercriminals are abusing DocuSign’s Envelopes API to trick companies into signing fake invoices, which are then used to steal money from victims.

DocuSign is a design software platform that businesses can use to sign, send and manage documents digitally – with ‘send’ being the key word here.