DocuSign email scam targets healthcare workers

Most of america motion documents online without reasoning twice. A speedy DocuSign petition appears successful your inbox. You click the link, reappraisal the papers and determination connected with your day. That convenience is precisely what scammers trust on. Recently, we received a connection from a CyberGuy scholar that shows however convincing these scams tin look. In this case, the email appeared to travel from a wellness licensing authorization and asked the recipient to reappraisal a papers tied to a nonrecreational licence renewal.

Here is the email we received from Susie, a registered caregiver successful Florida who astir fell for the scam.

"I americium a Registered Nurse, and my bi-annual renewal is approaching. Last month, I received a astonishing (at slightest to me) email with a papers to DocuSign from the authorities Board of Health. It didn't consciousness right, adjacent though I person utilized DocuSign aggregate times successful the past. Those experiences were known transactions. I contacted the authorities board, and they confirmed that it IS a SCAM. I sent them screenshots, etc. and reported the connection for phishing. I privation to convey you, Kurt, due to the fact that it was acknowledgment to you that I questioned the veracity of this outreach. Reading the articles and tips you supply saved maine a large woody of trouble. Thanks again, and each you nurses retired determination renewing your license, beryllium wary." - Susie C, Orlando, FL

Susie did precisely what information experts recommend. She paused and verified the connection earlier clicking anything. That 1 measurement apt prevented a phishing attack.

SCAMMERS ARE USING DOCUSIGN EMAILS TO PUSH APPLE PAY FRAUD
 

Security experts pass that DocuSign scams exploit regular online habits to bargain passwords and entree idiosyncratic oregon nonrecreational accounts. (ilkercelik/Getty Images)

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts, and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide - escaped erstwhile you articulation my CYBERGUY.COM newsletter

What the suspicious DocuSign email looked like

Susie besides shared a screenshot of the connection she received. At archetypal glance, the email looks familiar. The bluish layout resembles existent DocuSign notifications. There is adjacent a ample yellowish Review Document button. But 1 item stood retired immediately.

The email code sending the connection was:
info.florida-department-of-health-email-notification@cc.ncu.edu.tw

That code has thing to bash with a U.S. authorities wellness department. 

Why DocuSign scams enactment truthful well

DocuSign is utilized by millions of businesses and authorities agencies. Because radical expect these requests, they often click without hesitation. Scammers exploit that habit. A emblematic DocuSign phishing email tries to make urgency. It whitethorn assertion a licence renewal, a declaration update, oregon a payroll signifier requires contiguous action. Once you click the button, respective things whitethorn happen:

• You whitethorn onshore connected a fake login leafage designed to bargain your email password.
• The tract whitethorn punctual you to download a malicious file.
• The nexus whitethorn redirect you to respective phishing pages.

In galore cases, the extremity is simple. Attackers privation your email credentials truthful they tin instrumentality implicit your relationship oregon motorboat much scams.

10 WAYS TO PROTECT SENIORS FROM EMAIL SCAMS
 

A Florida caregiver avoided a DocuSign phishing scam aft spotting a suspicious email tied to a fake wellness licence renewal request. (Smith Collection/Gado/Getty Images)

Red flags successful the DocuSign scam email

A fewer informing signs tin assistance you spot a fake petition quickly.

Suspicious sender address

Always look intimately astatine the sender's domain. Government agencies seldom nonstop messages from overseas world domains like .edu.tw. That unsocial signals thing is wrong.

Unexpected documents

Legitimate DocuSign requests usually travel a known interaction. For example, a declaration you discussed oregon paperwork you expect. An unexpected papers should ever rise questions.

Pressure to enactment quickly

Many phishing emails include connection that urges contiguous action. The extremity is to halt you from thinking. Take a infinitesimal earlier clicking immoderate button.

Generic papers descriptions

The connection shown successful the screenshot simply states that a papers is acceptable to review. It provides nary existent discourse oregon explanation. Legitimate documents often see details astir the transaction.

How clicking the nexus could compromise you

Many radical presume they volition admit a fake page. In reality, phishing sites look precise convincing. Some scams adjacent usage cloned DocuSign pages. Once victims participate their credentials, attackers summation entree to their email accounts.

From there, criminals can:

• Reset passwords for fiscal services
• Send phishing emails to contacts
• Search inboxes for delicate documents

In healthcare professions, that hazard tin besides exposure licensing accusation oregon patient-related communications.

APPLE APP PASSWORD SCAM EMAIL WARNING
 

Cybercriminals are utilizing fake DocuSign emails to instrumentality users into clicking malicious links and handing implicit delicate login credentials. (Gabby Jones/Bloomberg via Getty Images)

Ways to enactment harmless from DocuSign phishing scams

Fortunately, a fewer habits tin dramatically little your risk.

1) Verify the petition separately

If a papers claims to travel from a authorities bureau oregon employer, interaction them straight utilizing a known telephone fig oregon website. Never usage the interaction accusation wrong the suspicious email.

2) Hover implicit links earlier clicking

Move your cursor implicit the fastener and cheque the destination link. If the URL looks unfamiliar oregon unrelated to DocuSign, bash not click it.

3) Don't click links and usage beardown antivirus software

If an email seems suspicious, bash not click the nexus oregon unfastened immoderate attachment. Strong antivirus bundle tin assistance artifact malicious downloads, pass you astir unsafe websites and drawback threats earlier they dispersed crossed your device. Get my picks for the champion 2026 antivirus extortion winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

4) Use a information removal service

Scammers often stitchery idiosyncratic details from information broker sites and nationalist records to marque phishing emails look much believable. A information removal work tin assistance trim your exposed accusation online, which whitethorn marque it harder for criminals to people you with convincing messages. Check retired my apical picks for information removal services and get a escaped scan to find retired if your idiosyncratic accusation is already retired connected the web by visiting Cyberguy.com.  

5) Access documents done authoritative accounts

If you regularly usage DocuSign, motion successful straight astatine the authoritative website and cheque your pending documents there. That attack avoids email traps entirely. 

6) Report phishing attempts

Forward suspicious messages to your organization's information squad oregon the Federal Trade Commission phishing reporting strategy at ReportFraud.ftc.gov. The FTC besides advises forwarding phishing emails to the Anti-Phishing Working Group at [email protected]. Reporting scams helps support others from the aforesaid attack.

Kurt's cardinal takeaways

Scams win due to the fact that they blend into mundane routines. Signing documents online has go mean for work, healthcare licensing and fiscal paperwork. That convenience besides gives criminals a cleanable disguise. Susie's communicative shows however a tiny infinitesimal of uncertainty tin halt a phishing onslaught earlier it begins. A speedy telephone to the licensing committee revealed the truth. The connection was ne'er legitimate.

Now the question is 1 each scholar should consider. If a DocuSign email arrived successful your inbox close now, would you announcement the informing signs earlier clicking the button? Let america cognize by penning to america at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts, and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide - escaped erstwhile you articulation my CYBERGUY.COM newsletter 

Copyright 2026 CyberGuy.com.  All rights reserved.