Scam Radar

How can you recognize Adobe Sign / DocuSign phishing — fake document to sign?

Published

TLDR

Email simulates a DocuSign/Adobe Sign notification with an attachment 'to sign urgently' (contract, NDA, invoice). Link redirects to a fake login page to steal Microsoft 365/Google credentials. Indicators: 1) unknown sender/strange domain;...

How it works

Email simulates a DocuSign/Adobe Sign notification with an attachment 'to sign urgently' (contract, NDA, invoice). Link redirects to a fake login page to steal Microsoft 365/Google credentials. Indicators: 1) unknown sender/strange domain;...

Red flags

  • Urgent pressure to click, pay, or share codes immediately.
  • A link or sender that does not match the official organization.
  • Requests for card data, passwords, OTPs, wallet signatures, or bank transfers.

What to do

  1. 1IF VICTIM: change corporate account password, check inbox rules for exfiltration, report to IT.

Source

CISA

Source reviewed by Mythos Forensic Team

https://www.cisa.gov/

FAQ

Is Adobe Sign / DocuSign phishing — fake document to sign a real scam pattern?

Yes. Treat the message, call, or payment request as suspicious until you verify it through an official channel.

What are the first warning signs?

Urgent pressure to click, pay, or share codes immediately.; A link or sender that does not match the official organization.; Requests for card data, passwords, OTPs, wallet signatures, or bank transfers.

What should I do first?

IF VICTIM: change corporate account password, check inbox rules for exfiltration, report to IT.

Can LegalAudit check my case?

Yes. Start a free chat and paste the message, link, sender, or payment details for triage.