DocuSign Phishing

SJSU DocuSign emails will always come from a "" email address.

For more information on how to identify and report malicious email, please watch our quick videos about Frauds and Scams or read "Combating Phishing: A Proactive Approach [pdf]" written by DocuSign.

If you have any questions or have reason to believe your account has been compromised, please contact the IT Service Desk at (408) 924-1530 or email

Recognize Suspicious Activities

Learn how to properly detect and avoid phishing. Below are some red-flags of DocuSign phishing:

  • The subject line may look similar to that of an actual DocuSign email. Example: "Completed <> Accounting Invoice 426832 Document Ready for Signature"
  • The sender address will be from "", "" or somthing similar to that of an actual DocuSign email
  • The body of the email will indicate to click on a link and provide your credentials - BE AWARE! These types of phishing emails are intended to steal your personal information

What should I do?

  • If you signed-in using the link provided in the email message, it is advised that you immediately change your SJSUOne password
  • If you received the message, but did not open it or click the link, please use the “Report Phishing” button inside your email account or delete the message

Actual DocuSign Emails

  • DocuSign emails will be from a "" email address
  • The San Jose State University wordmark will be placed at the top of the email body
  • There will be a yellow button to "Review Document"

Authenticating the Security Code

If you do not recognize the sender of a DocuSign email and are uncertain of the authenticity of an email, enter the security code to authenticate the DocuSign email. The security code will be located at the bottom of the DocuSign email under the title "Alternate Signing Method."

You will NOT be required to provide your credentials or personal information. Example: username and/or password