Skip to content

Holiday Reminder

Check Fraud Is On the Rise - Reduce Your Risk of Becoming a Victim

DocuSign Warns of New Phishing Scam that Uses Malicious DocuSign-themed Emails

 

Check Fraud Is On the Rise - Reduce Your Risk of Becoming a Victim

No matter how a thief may get one of your checks -- whether you have directly paid a person who is less than trustworthy or someone has stolen a check from a bill you have mailed -- they can create fake checks and other transactions if they know what information to use.

How businesses can reduce the risk of becoming a victim of check fraud:

  • Use Positive Pay -- Our Positive Pay provides businesses an extra layer of protection against check fraud and electronic ACH fraud by only paying items you have confirmed as legitimate, plus BAC waives the monthly fee for this service.

How all customers can reduce the risk of becoming a victim of check fraud:

  • Use your debit card instead of checks -- debit cards do not display your account number, can be easily managed or canceled, and provide consumer protections against fraudulent charges

  • Use account alerts -- set up custom alerts through mobile or online banking that notify you when transactions are processed

The threat of check fraud is real. Using these simple suggestions can help you avoid becoming a victim of this crime.

 

DocuSign Warns of New Phishing Scam that Uses Malicious DocuSign-themed Emails

DocuSign has observed a new phishing campaign in which malicious URLs are being hidden in fake / imitation DocuSign-themed emails.

The emails have been spoofed to appear to be sent from dse@docusign[.]net or dse@docusign[.]com. These emails are not legitimate and do not originate from DocuSign email servers. They contain the following subject line:

  • Re: Document to Sign and Complete

The emails contain a link to a phishing page that is hosted on the following domain:

  • hxxps://ipfs[.]fleek[.]co/ipfs//

DocuSign does not use this service. Please treat any DocuSign-themed emails with a link to “ipfs[.]fleek[.]co” as phishing.

Do not click on any email or attachment links from unknown or untrusted senders. All DocuSign users are reminded that they should continue their own due diligence and identify and report to DocuSign any suspicious emails using legitimate DocuSign accounts and technology, as well as suspicious emails spoofing the DocuSign brand. DocuSign users should also continue to utilize their own organization’s security tools to investigate potentially malicious documents, links and notifications.

Users can reach DocuSign directly by using one of these DocuSign email addresses:

For more information on how to spot phishing, please watch What is Phishing & Smishing? and read Protecting Your Organization Against DocuSign Brand Impersonation.