Protecting Sensitive DocuSign Data

BE AWARE! Docusign phishing emails are intended to steal your personal information.

What You Need to Know

Docusign is not immune from Cybercrime.

Here are ways to help you ensure your emails from Docusign are authentic.

Actual DocuSign Emails

DocuSign emails will always be from a "@docusign.net" email address
The San Jose State University wordmark will be placed at the top of the email body
There will be a yellow button to "Review Document"

Want to know more about how to identify and report malicious emails?

Check out our quick videos on Frauds and Scams or read "Combating Phishing: A Proactive Approach [pdf]".

What You Need to Do

Recognize Suspicious Activities

Learn how to properly detect and avoid phishing. Below are some red-flags of DocuSign phishing:

The subject line may look similar to that of an actual DocuSign email.
Example: "Completed <recipientDomain.com> Accounting Invoice 426832 Document Ready for Signature"
The sender address may look really similar to one from docusign.
Examples: "dse@docusgn.com" or "dse@docus.com"
The body of the email may ask you to click on a link and provide your credentials

If you do not recognize the sender of a DocuSign email and are uncertain of the authenticity of an email:

Authenticate the Security Code
- Here’s how: enter the security code to authenticate the DocuSign email.
- The security code will be located at the bottom of the DocuSign email under the title "Alternate Signing Method."
- You will NOT be required to provide your credentials or personal information like username and/or password.

If you have any questions or have reason to believe your account has been compromised:

Please contact the IT Service Desk at (408) 924-1530 or email security@sjsu.edu immediately.

If you signed-in using the link provided in the Docusign phishing email message:

Immediately change your SJSUOne password.

If you received the message, but did not open it or click the link:

Please use the “Report Phishing” button inside your email account or delete the message.

Learn how to properly detect and avoid phishing. Below are some red-flags of DocuSign phishing:

The subject line may look similar to that of an actual DocuSign email. Example: "Completed <recipientDomain.com> Accounting Invoice 426832 Document Ready for Signature"
The sender address will be from "dse@docusgn.com", "dse@docus.com" or something similar to that of an actual DocuSign email
The body of the email will indicate to click on a link and provide your credentials - BE AWARE! These types of phishing emails are intended to steal your personal information

Who is at Risk?

Everyone

What Happens if You Don’t Act

Phishing email or falling victim to a phishing attack has a massively damaging effect on productivity, data loss, and reputational damage. Please stay vigilant!

Support: Need Help or Have Questions

Open a help ticket.

If you have any questions or have reason to believe your account has been compromised, please contact the IT Service Desk at (408) 924-1530 or email security@sjsu.edu.