Employees targeted with fake DocuSign "confidential message"
Posted on 23.01.2013
An email purportedly sent by the DocuSign Electronic Signature Service on behalf of the administrative departments of a wide variety of organizations and businesses is hitting the inboxes of their employees, Bitdefender warns.

With "To All Employees - Confidential Message" in the subject line, a spoofed "From" email address, rather legitimate looking graphics in the email's body and the URL of the company's official website inserted at the end, the email is likely to be considered genuine by many:


The email urges recipients to open the attached To ALL Employees.zip file, which actually contains an information-stealing Trojan that searchers for passwords of users' e-mail client and those saved by their browsers, and collects account information (server names, port numbers, login IDs, and more).

In addition to this, it also attempts to log into other connected machines by trying out a hardcoded list of most frequent password, and some variants are also able to download additional malware on the already infected systems.

DocuSign is aware of the malicious spam campaign and is warning users about it, advising them not to open attachments in emails that seem to come from the service and to forward the bogus email to spam@docusign.com to help with their forensic efforts.

"DocuSign continues to aggressively investigate this incident and is working with law enforcement agencies to take further action," they wrote, adding that DocuSign doesn't sell user information to third parties.

"Malicious third parties most often obtain email addresses by spidering the Internet, purchasing lists, and then 'phishing' for personal information via phone calls, spam emails, or fake web sites that contain malicious viruses designed to capture email directories, contacts, and other personal data," they explained.






Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //