Last week, a fresh batch of malicious emails landed in inboxes across the APAC region. The scam emails do a remarkable job of impersonating financial notices from DocuSign, a US-based company that provides electronic signature technology and digital transaction management services.
The fake emails contain the DocuSign logo and use the same template and colours. At first glance, they look almost identical to genuine DocuSign emails. The subject line reads "Please DocuSign: Shareholder.pdf" and the body of the email is well executed, with no obvious spelling or grammatical errors. The sender's name is not always the same, and we have seen a few variations including Jacqueline Groenke, Simone Ferrario and Stephanie Riches.
The email gives the impression that it is from the Australian Tax Office (ATO) and contains 2017 tax returns to be submitted with an electronic signature. Scam emails targeting or purporting to come from the ATO are particularly effective around this time of the year when many Australians are in the process of filing their tax returns and could be expecting email communication in this regard.
The email contains a Review Documents button which, when clicked, links to a zip file containing a malicious JavaScript file.
Fortunately, even though these emails appear legitimate at first glance, with a little vigilance they are easy to identify as fake.
In this instance, the ‘From’ address of the email is DocuSign System <[email protected]>. Usually, fake domains closely resemble actual ones but will have small differences, such as the ‘er’ at the end of docusign, indicating that something is not quite right.
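The ‘From’ address check described above can be automated at the mail gateway or in a triage script. The following is an added example, not part of the original post: the trusted-domain list is an assumption to adjust for your own environment, and the sample headers are constructed, using reserved `.example` domains rather than the campaign's real address.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

BRAND = "docusign"
# Assumption: domains this organisation accepts as genuine DocuSign senders.
TRUSTED = ("docusign.com", "docusign.net")


def sender_domain(from_header: str) -> str:
    """Return the lower-cased domain of a From header, or '' if there is none."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""


def is_trusted(domain: str) -> bool:
    # Exact match or a true subdomain only, so that a name such as
    # "docusign.com.mail-gw.example" does not pass.
    return any(domain == t or domain.endswith("." + t) for t in TRUSTED)


def resembles_brand(domain: str) -> bool:
    # Check every DNS label: brand embedded in a longer label ("docusigner"),
    # hyphenated ("docu-sign"), or a near-miss spelling ("d0cusign").
    for label in domain.split("."):
        label = label.replace("-", "")
        if BRAND in label or SequenceMatcher(None, BRAND, label).ratio() >= 0.8:
            return True
    return False


def classify(from_header: str) -> str:
    name, _ = parseaddr(from_header)
    domain = sender_domain(from_header)
    if not domain:
        return "unparsable"
    if is_trusted(domain):
        return "trusted"
    if resembles_brand(domain):
        return "lookalike-domain"
    # Brand only in the display name, sent from an unrelated domain.
    if BRAND in name.lower().replace(" ", ""):
        return "display-name-spoof"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample headers.
    for hdr in ("DocuSign System <dse@docusign.net>",
                "DocuSign System <dse@docusigner.example>",
                "DocuSign via Accounts <billing@invoices.example>"):
        print(f"{classify(hdr):20} {hdr}")
```

Messages classified as `lookalike-domain` or `display-name-spoof` are candidates for quarantine or a warning banner rather than silent delivery.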
Another giveaway in this particular campaign was receiving a burst of similar emails within a short span of time.
It also helps to consider whether you were expecting to receive an email from that particular sender. When filing tax returns online through your my.gov.au account, the ATO does not require you to submit a digital signature. If you are unsure, phone the sender directly and ask for clarification.
The last word on the subject of phishing and other malicious emails is constant vigilance. Even with the latest firewalls, anti-virus, spam filters and other security software, email malware could still make its way to your inbox.
For more tips on how to spot phishing emails, read our earlier blog post here.