1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • DocuSign abused to launch devious phishing scams

    From TechnologyDaily@1337:1/100 to All on Fri Aug 13 14:00:04 2021
    DocuSign abused to launch devious phishing scams

    Date:
    Fri, 13 Aug 2021 12:40:37 +0000

    Description:
    Fraudsters could easily abuse DocuSigns reputation and infrastructure to conduct phishing scams, researchers claim.

    FULL STORY ======================================================================

    Cybersecurity researchers have discovered a new attack, in which malicious users spoof DocuSign messages to send malicious documents and phishing links.

    Previously , hackers have exploited the trust users associate with DocuSign to pass around fake phishing emails, to pilfer user credentials from all
    major email providers .

    DocuSign is an electronic signature technology used by businesses and individuals to exchange contracts, tax documents and legal materials. TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    Click here to start the survey in a new window << Heres our collection of the best eSign software solutions Take a look at these best password managers Weve also rounded up the best security keys

    The threat actors behind this new wave of phishing attacks, discovered by email security vendor Avanan, are using this legitimate application to pass malicious links.

    E-signature providers such as DocuSign and Adobe Sign typically flatten uploaded document files and convert them into static .pdf files. This does help deter threats such as Macros from being embedded in the document. However, hyperlinks within a .pdf, .docx, etc., get carried on in the
    document and retain clickability to the end recipients after Signing execution, explains Avanans Jeremy Fuchs in a blog post. Abusing trust

    Avanan explains that although DocuSign has implemented various security measures to prevent malicious documents from being hosted on its infrastructure, a trailblazing attacker could use mechanisms like steganography to override the checks and deliver a weaponized piece of
    malware or ransomware .

    Furthermore, Avanan discovered that while embedding booby-trapped files does take some doing, malicious links can be added to any document without any effort or trick.

    In his writeup Fuchs argues that this is a particularly effective strategy since it hosts the phishing link on DocuSigns servers, while keeping the
    email clean, which helps it get past any security checks imposed by the
    client clients.

    Fuchs notes that Avanan has shared details about this attack vector with the DocuSign information security and threat intelligence team. Shield yourself with these best identity theft protection services



    ======================================================================
    Link to news story: https://www.techradar.com/news/docusign-abused-to-launch-devious-phishing-scam s/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)