We recently had a couple of instances where an employee received, what they described, as a "fake" Docusign email.  The email looks legit, originating from the standard DocuSign email address but the originating person and the associated email address and message are suspicious. We are investigating what options we may have to help filter and block these, but they are very difficult to identify since they are coming from a valid source.  Have you encountered a similar situation? Have you figured out a way to prevent or block these emails?

672 views1 Upvote3 Comments
Sort By:
Oldest
AI LegalTech Counsel & Legal Ops Innovation Leader | Digital Transformation Expert | Strategic Advisor in Services (non-Government)6 months ago
Are you sure the email address was from DocuSign? Usually phishing emails try to mimic legitimate emails/domains but include subtle mistakes/variations (i.e. coming from docusign.org or from docus1gn.com). You should check with your IT department to make sure your organization has implemented proper email authentication protocols and email filtering methods.

Also, I recommend implementing (or updating) employee education and training on how to recognize suspicious emails. Usually there are tell-tale signs of phishing/spoofing, such as suspicious names, grammatical/spelling mistakes, unusual attachments, etc. One of my previous companies regularly sent out simulated phishing emails as part of our cybersecurity training and awareness program.
1
Director of Operations and General Counsel in Manufacturing6 months ago
Domains can be spoofed; the resulting e-mail will appear to originate from a valid source.  However, often there is metadata or other embedded information (links, etc) that will give clues as to the authenticity of the e-mail.  If your company hasn't already, I would recommend investing in software that helps determine whether or not the e-mail is legitimate:  Mimecast is one such solution.

Users will still benefit from training since they're the last line of defense, but there are solutions on the market which should reduce the extent to which this is a problem.

Learn more about Mimecast here, and check out their e-mail security solutions as well as DMARC technologies:  https://www.mimecast.com/
1
lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
Director of Legal in Healthcare and Biotech6 months ago
For us we do whitelist legitimate email address, there could be email address spoofing which makes the sender appear legitimate when it is not.

 

We also have warning banners for emails outside of our network:
1

Content you might like

If you have had a negative experience with a vendor (without naming the vendor), what did you learn from it?

Financial ManagementVendor Management
VP of Global IT and Cybersecurity in Manufacturing6 years ago
Have clear business requirements up front, make sure the proposal includes items such as scope, timeline, cost, resources.
Read More Comments
22.1k views3 Upvotes28 Comments

Who will WIN Generative AI Future (GPT/ChatGPT)?

Data & AnalyticsDisruptive & Emerging TechnologiesEnd-User Services & Collaboration+1 more

Open AI (Game Changer: adoption w/ChatGPT)41%

Google (Game Changer: inventor of Transformers, Bard)19%

Microsoft (Game Changer: real time BingGPT+Search plus enterprise enablement)19%

Meta (Game Changer: LLM that can run on single GPU)6%

Amazon (Game Changer: TBD)4%

X.AI / Elon Musk (Game Changer: TBD)3%

Baidu (Chinese tech giant, with GPT version released in March)2%

Someone completely new6%

View Results
46.7k views49 Upvotes15 Comments

What are the fundamental leadership capabilities that are needed for an era of exponential technology and AI innovation?

Disruptive & Emerging TechnologiesCulture & ValuesMentoring & Coaching+3 more
Director, Experience Design in Educationa year ago
I think Alivin Toffler said it best: "The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn and relearn."

The most important attribute, then, is ...read more
31 3 Replies
Read More Comments
193.8k views172 Upvotes152 Comments

For those involved in eCommerce on the legal side, how do you define that role and what type of work is in scope?  This recently came under the purview of our legal privacy group, but we're finding that everyone seems to have a different idea of what eCommerce means.  Some just see anything related to the internet/technology and kick it over to us.  So we're trying to benchmark against other attorneys that advise on eCommerce and the types of work that typically fall within your scope. Any thoughts or insights would be much appreciated.

Business ApplicationsLegal
35 views

Does your business have a measurable framework that people or departments must follow when choosing new tools or technologies for your business?

Culture & ValuesVendor/Product Recommendation

Yes, and it is always followed22%

Yes, but it is rarely followed54%

Some departments do, but not across the business14%

No9%

View Results
1.8k views2 Upvotes