Criminals open DocuSign’s Envelope API to make BEC special delivery


November 5, 2024 at 01:43PM

Business email compromise (BEC) scammers are using the DocuSign API to create seemingly legitimate e-signature requests that lead to fraud. The attackers use custom templates to send invoices that bypass spam filters. BEC scams cost US businesses $2.9 billion in 2023, highlighting the need for vigilance and sender verification.

**Meeting Takeaways:**

1. **Increased Threat of Business Email Compromise (BEC):** Scammers are enhancing their tactics by exploiting the DocuSign API to improve their success rates in fraudulent activities.

2. **DocuSign Envelope API:** The Envelope: create API is intended to streamline document distribution and customization within DocuSign’s legal signing product, but this openness is being misused by attackers.

3. **Method of Attack:**
– Attackers create legitimate DocuSign accounts to develop customized e-sign requests that mimic well-known brands.
– Because the invoices arrive as legitimate DocuSign requests with no malicious links or attachments, they bypass standard email filters.

4. **Significant Financial Impact:** BEC scams led to reported losses of $2.9 billion for US businesses in 2023, and many cases go unreported.

5. **Growing Concern:** Wallarm has noted a rise in these BEC activities, indicating that the problem may worsen before it improves.

6. **DocuSign’s Response:**
– DocuSign has acknowledged the misuse of their service and created an Incident Reporting guide for users.
– Users are advised to be cautious of suspicious emails and links.

7. **Recommended Precautions:**
– Always check the sender’s email address.
– Verify payment details meticulously.
– Stay vigilant, as these measures are crucial in combating cyber threats.

8. **Next Steps:** Continue monitoring the situation and implement best practices for email security to mitigate risks associated with these scams.
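The "Method of Attack" and "Recommended Precautions" items above imply that sender authentication alone cannot flag these requests, so a check has to look at who created the envelope and what it asks for. The triage sketch below is an added example, not code from the article, DocuSign or Wallarm. The domain sets, the keyword list, the sample messages and the use of `Reply-To` to identify the requester are all assumptions to adapt to your own mail flow.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions, not from the article: tune all three to your own mail flow.
ESIGN_DOMAINS = {"docusign.net", "docusign.com"}  # services relaying signing requests
KNOWN_REQUESTERS = {"supplier.example"}           # counterparties that really send you envelopes
PAYMENT_WORDS = re.compile(r"\b(invoice|payment|wire|renewal|amount due|past due)\b", re.I)

def domain_of(header_value):
    """Lower-cased domain of an address header, or '' when the header is absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw_message):
    """Return (verdict, reasons); verdict is 'hold' (verify out of band) or 'pass'."""
    msg = message_from_string(raw_message)
    sender = domain_of(msg["From"])
    if not any(sender == d or sender.endswith("." + d) for d in ESIGN_DOMAINS):
        return "pass", ["not an e-signature notification"]
    reasons = []
    if "dmarc=pass" in (msg["Authentication-Results"] or "").lower():
        reasons.append("authenticated as the signing service, which says nothing about the requester")
    # Assumption: the service puts the envelope creator's address in Reply-To.
    requester = domain_of(msg["Reply-To"])
    unknown = requester not in KNOWN_REQUESTERS
    if unknown:
        reasons.append(f"requester domain {requester or '(none)'} is not a known counterparty")
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_type() == "text/plain")
    wants_money = bool(PAYMENT_WORDS.search(f"{msg['Subject'] or ''}\n{body}"))
    if wants_money:
        reasons.append("subject or body asks for payment")
    return ("hold" if unknown and wants_money else "pass"), reasons

# Constructed sample messages (headers and addresses are invented for illustration).
SAMPLE_UNKNOWN = (
    'From: "Billing Team via DocuSign" <notify@docusign.net>\n'
    "Reply-To: billing@unknown-sender.example\n"
    "Authentication-Results: mx.example; dmarc=pass header.from=docusign.net\n"
    "Subject: Complete with DocuSign: subscription renewal invoice\n\n"
    "Please review and sign to authorize payment of the amount due.\n")
SAMPLE_KNOWN = SAMPLE_UNKNOWN.replace("unknown-sender.example", "supplier.example")

if __name__ == "__main__":
    for sample in (SAMPLE_UNKNOWN, SAMPLE_KNOWN):
        print(triage(sample))
```

A `hold` verdict is a prompt to confirm the payment details with the counterparty through a separately known channel, not a block decision.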
