Threats Tagged 'docusign impersonation'
View all threats tagged with 'docusign impersonation'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'docusign impersonation'
Click on any threat for detailed analysis and mitigation recommendations
Sign here… and install an unwanted RMM 0 A phishing campaign impersonates DocuSign branding to deliver malicious JavaScript on fraudulent webpages, tricking users into installing MSI packages disguised as DocuSign updates. These installers deploy legitimate Remote Monitoring and Management (RMM) tools from Atera Network Ltd and ConnectWise/ScreenConnect, enabling remote access. The campaign targets both Windows and macOS systems and uses extensive attacker infrastructure with hundreds of domains and Telegram bots to collect victim telemetry such as IP addresses and geolocation. No official patch or fix is available as this is a social engineering attack leveraging legitimate software. Join the discussion | AlienVault OTX General | 07/10/2026, 17:25:52 UTC Added: 07/13/2026, 10:32:46 UTC |
Showing 1 to 1 of 1 result