In a concerning trend, cybercriminals are leveraging DocuSign’s APIs to send fake invoices that appear strikingly authentic. Unlike traditional phishing scams that rely on deceptively crafted emails ...
DOCUSIGN_INTEGRATION_KEY= DOCUSIGN_USER_ID= DOCUSIGN_API_ACCOUNT_ID= DOCUSIGN_PRIVATE_KEY_PATH="private_key" DOCUSIGN_BASE_URL=https://demo.docusign.net/restapi ...
Cybercriminals are abusing a Docusign API in a widescale, innovative phishing campaign to send fake invoices to corporate users that appear authentic and likely would not trigger typical security ...
Threat actors are abusing DocuSign's Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. Using a legitimate service, ...
This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community. Digging deeper into the scam, Malwarebytes Labs finds that the ...
DocuSign, Inc. is an American company providing document management services. In a recent cyber threat development discovered by the Wallarm security firm, attackers are exploiting DocuSign’s API ...
This type of application interacts with DocuSign on its own. There is no user interface and no user is present during normal operation. The application uses the OAuth JWT grant flow to impersonate a ...
I didn’t see much visibility on this DocuSign hack. This is a situation where the product features were not vetted to understand if they could be misused by malicious fraudsters. There is not a ...
Cybercriminals have found a way to leverage Docusign’s Application Programming Interface (API) to make phishing attacks appear more genuine. This method, recently investigated by Malwarebytes Labs, ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback