色花堂app

Malwarebytes has reported a sophisticated phishing scam where cybercriminals exploited the DocuSign API to distribute fraudulent emails impersonating PayPal. ISU faculty, staff and students have reported receiving these emails.

By creating legitimate-looking DocuSign accounts, the attackers sent out fake invoices that appeared to originate from PayPal, thereby bypassing many email security filters. These emails typically claimed an unauthorized transaction had occurred and urged recipients to contact a fraudulent "Fraud Prevention Team" via a provided phone number. Notable red flags included sender addresses from Gmail accounts and discrepancies in recipient information.

Verify Suspicious Emails: If you receive an unexpected DocuSign email, do not click on any links. Instead, go directly to DocuSign's official website and use the 'Access Documents' feature to verify the document's legitimacy.

Report Fraudulent Activity: Immediately report any suspected fraudulent transactions to both PayPal and DocuSign through their official channels.

Monitor Financial Accounts: Regularly check your PayPal and linked bank accounts for unauthorized transactions and report any suspicious activity promptly.