Protecting Sensitive DocuSign Data
BE AWARE! DocuSign phishing emails are intended to steal your personal information.
What You Need to Know
DocuSign is not immune to cybercrime.
Here are ways to help you ensure your emails from DocuSign are authentic.
Actual DocuSign Emails
- DocuSign emails will always be from an "@docusign.net" email address
- The San José State University wordmark will be placed at the top of the email body
- There will be a yellow button to "Review Document"
Want to know more about how to identify and report malicious emails?
- Check out our quick videos on Frauds and Scams or read "Combating Phishing: A Proactive Approach [pdf]."
What You Need to Do
Recognize Suspicious Activities
Learn how to properly detect and avoid phishing. Below are some red-flags of DocuSign phishing:
- The subject line may look similar to that of an actual DocuSign email.
Example: "Completed <recipientDomain.com> Accounting Invoice 426832 Document Ready for Signature" - The sender address may look really similar to one from DocuSign.
Examples: "dse@docusgn.com" or "dse@docus.com" - The body of the email may ask you to click on a link and provide your credentials
- BE AWARE! These types of phishing emails are intended to steal your personal information
If you do not recognize the sender of a DocuSign email and are uncertain of the authenticity of an email:
- Authenticate the Security Code
- Here’s how: enter the security code to authenticate the DocuSign email.
- The security code will be located at the bottom of the DocuSign email under the title "Alternate Signing Method."
- You will NOT be required to provide your credentials or personal information like username and/or password.
If you have any questions or have reason to believe your account has been compromised:
- Please contact the IT Service Desk at (408) 924-1530 or email security@sjsu.edu immediately.
If you signed-in using the link provided in the DocuSign phishing email message:
If you received the message, but did not open it or click the link:
- Please use the “Report Phishing” button inside your email account or delete the message.
Who is at Risk?
- Everyone
What Happens if You Don’t Act
Phishing email or falling victim to a phishing attack has a massively damaging effect on productivity, data loss, and reputational damage. Please stay vigilant!
Support: Need Help or Have Questions
If you have any questions or have reason to believe your account has been compromised, please contact the IT Service Desk at (408) 924-1530 or email security@sjsu.edu.