Beware of a Hacked Email From DocuSign

Usually when I receive a suspicious email from another Sacramento Realtor, I send it back with a warning to let the agent know somebody might have hacked that email account. If it looks like they have attached something, perhaps an offer, I also mention that I don’t open unsolicited links. If they want to send me a document, then send it as an attachment. I’m extremely careful about what I click on, yet I realize the day will come when something malicious will get through; it’s just a matter of when, but I never expected to see a hacked email from DocuSign with an envelope.

Oh, sure, there are the goofy gmail stuff that ask recipients to click on a link, and most appear really hokey. Of course, if you’re overly busy and less prone to caution, I can see how an agent might be tempted to click on it. No agent wants to not open a purchase offer on her Sacramento listing. There are a lot of cyber attacks going on in gmail accounts, probably because they are so prevalent.

The hacked email from DocuSign I received this morning looked real. Very real. I studied it for a while. It was yellow and blue, just like the DocuSign emails I get from myself when I sign my own listings and purchase contracts online. It even had the access code displayed in case a person did not want to click on the “review documents” link. Best I could tell it was missing the App link. However, let me caution you that if you decide to use the access code that DocuSign provides in each and every email, do NOT click on the DocuSign link in the email. Open a new browser window and go to DocuSign yourself to enter the code.

I have received a bunch of offers on a new listing in Sacramento that just went pending. I suspected if there was an important document sent to me via DocuSign, it will most likely for that listing. Sometimes lazy agents who think they are being proactive and efficient will cc the listing agent on an offer in DocuSign, so after all of the parties have signed the offer, DocuSign will automatically send the purchase offer to the listing agent. I prefer to email directly to confirm receipt. Less chance for error.

Fortunately for this Sacramento Realtor, I have a software program that detects malicious hacks and viruses. After I finished studying the DocuSign email and clicked on it, it opened a window that said I should NOT proceed to that website because it was dangerous. Yup, it was a hacked email from DocuSign. I’m afraid other Sacramento Realtors and customers of DocuSign might not be so lucky.

See, this is just one MORE reason to always include a special message intended for the recipient like I do on my DocuSign transmissions. But even that is not sufficient. To be completely safe, you should probably use the code and go directly to DocuSign, if in doubt.

What will they come up with next? It’s anybody’s guess. You can never be too diligent to protect your computer against vicious cyber attacks.