invoices

  • Blog

    DocuSign’s Envelopes API abused to send realistic fake invoices

    Threat actors are abusing DocuSign’s Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. Using a legitimate service, the attackers bypass email security protections as they come from an actual DocuSign domain, docusign.net. The goal is to have their targets e-sign the documents, which they can then use to authorize payments…

    Read More »
Back to top button
close