Fake DocuSign emails target some top US contractors
- Fraudsters pose as US government agencies
- Victims are encouraged to renew fake contracts with DocuSign
- The number of attacks has increased by almost 100% in the past month
Cybersecurity researchers have found that threat actors are increasingly using DocuSign impersonations to target companies that interact with state and municipal agencies.
Research by SlashNext The number of attacks found has increased by 98% compared to the last two months. Hundreds of cases are detected every day and tactics are outpacing detection methods. Many of these companies specifically pose as government agencies to exploit pre-existing trust relationships between companies and regulators.
Researchers found impersonations of the Department of Health and Human Services, the Maryland Department of Transportation, the State of North Carolina Electronic Vendor Portal, the City of Milwaukee, the City of Charlotte, the City of Houston and the North Carolina Licensing Board for General. Contractors.
High stakes signatures
As with most scams, the criminals created a false sense of urgency among the victims. In one case, a North Carolina commercial contractor received notice that their $12 million hospital construction project was at risk of immediate shutdown due to a compliance issue. The announcement called for an “emergency compliance bond” of $85,000 to prevent work stoppages.
In addition to the financial losses, suppliers also face business disruptions and loss of sensitive data due to fake contracts.
Companies that have a number of government contracts may be inundated with communications and contracts, but it’s important to remain vigilant and double-check emails with inaccurate pricing or industry-specific terminology as an indicator of inauthenticity.
“For businesses, the most important approach to defending against these fraudulent attacks is to raise awareness within the organization, educate and empower all employees to identify attacks at the earliest possible stage.” said Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity.
“In addition, it is critical that incoming communications are thoroughly screened before being presented to users, whether they be emails, SMS or even old-fashioned postal and fax communications”
