Docusign warning!

With the growing number of scam emails that are flowing around the ether, we’ve been made aware recently of one that could be more credible to our clients than others. A longstanding client received an email purporting to be from Docusign, and contacted us to check if it was something we’d sent for her approval. It wasn’t, but she was right to be cautious!

The email that had been received looked very like an authentic Docusign email, and the only people who send those to her legitimately is us, hence the query. We’re very grateful that she was wary and checked with us, as it gives us the chance to warn others!

Looking at the email that she received in more detail, there were some tell-tale signs that we could spot that could give others some surety.

What to look for…

• The spam email had the Docusign logo at the top, but didn’t show our logo across the top of the email; ours will.
• The spam email didn’t include a picture of Liz against her name and email address (liz@baranovassociates.co.uk) as the sender beneath a large purple box just beneath our logo; ours will.
• The spam email didn’t include a note with the client’s name and an explanation of what we were sending and what needed to be done to complete the signing process; ours will.
• The spam email wasn’t accompanied by a separate email from us, explaining what we were sending and what the client needed to do, which anything we send through Docusign will have.
• The spam email wasn’t from either of our email addresses, but an unknown email address. Ours will come from ‘Liz Baranov via Docusign’ and then include a docusign.net extension, whichever one of us sends it; it’s just the way we have the account set up.
• The spam email didn’t include a clear title for the documents that were purportedly enclosed for signing. Our Docusigns will always include the client’s name or business name and then either ‘accounts year ended’ or ‘Your Tax Return’ or similar.
• Lastly, the text, punctuation and layout of the content of the email was poor. There was no punctuation, and the spacings and capitalisation were apparently random. We may not be perfect, but hopefully do better than this!

Again, we found all of the above because we use Docusign a lot. To the occasional recipient, these would be much less obvious, so please take a minute to review the above so you’re prepared in case one of these meals drops into your inbox next.

In common with many spam emails, the sender will have no connection to the company they’re imitating but is simply taking advantage of the recipients familiarity with the platform, and will be hoping that you’ll let your guard down and click on the link.

Please be careful and as ever, if you’re unsure of any Docusign requests, or other emails that you receive that may be from us or from HMRC, please do as this client did and get in touch before clicking on any link. Because we don’t work up against deadlines, there is never so much urgency needed for a response that you can’t take the time to do so, and the results of not doing so could be horrendous!

Once again, thank you very much to the eagle-eyed client who was able to spot this one, check with us and enable us to warn others!