Courtesy of CFO Alliance member Richard Swinyard, Managing Partner & CFO of Computer Integrated Services
Electronic signature technology company DocuSign has admitted that it suffered a breach of one of its computer systems resulting in stolen data including customer and user email addresses. The breach has allowed the hackers to target DocuSign customers and users to send phishing emails requesting wire transfers. This is particularly concerning since so many companies use DocuSign for electronic signatures and employees may not be alert or wary of receiving an email from DocuSign requesting authority to transfer funds.
The malicious malware that customers receive have in the subject line “Completed: docusign.com—Wire Transfer Instructions for recipient-name Document Ready for Signature.” The emails include a link to a Word document that contains malware. The emails spoof and use the DocuSign branding in the header and body of the email.
Customers and users of DocuSign should alert their users of the malicious malware and to be vigilant regarding any emails allegedly sent to them by DocuSign. DocuSign has requested that any users who receive a suspicious email forward it to email@example.com.
Employees associated with wire transfers in the organization should be alerted about this concerning malware campaign to protect against a successful intrusion and theft of funds.
The DocuSign breach occurs at a time when cybersecurity attacks are becoming increasingly sophisticated, only a week following the WannaCry cyber-attack that spread quickly and affected entities in over 150 countries. Our partner, Dante Disparte, CEO of Risk Cooperative, published his perspective on the attack and the importance of cyber security for the Huffington Post. Join Financial Executives in a discussion on the WannaCry Cyber Attack on The CFO Alliance discussion page.
The CFO Alliance will kick off its third-quarter Roundtable Discussion series starting August 2nd in Souther California. The topic, "Managing Risk in Unchartered Waters: Financial, Geo-Political, Cyber, Regulatory" is well-timed given the increasing risk in today's society. To register, visit The CFO Alliance Events page.