
A new phishing scam is making its way into inboxes—and we want to help you catch it! At Exact IT Consulting, we take your security seriously, which is why we’re alerting you to a new method hackers are using to bypass spam filters and compromise sensitive information.
How This New Phishing Scam Works
Bad actors are creating legitimate DocuSign accounts to send phishing emails that appear trustworthy. Because these emails originate directly from DocuSign’s official domain, traditional spam filters and firewalls struggle to flag them as malicious.
While these phishing attempts may pass initial security checks, they still have telltale signs of fraud. Here’s how you can stay one step ahead:
Weren’t Expecting It? Don’t Open It!
Unexpected emails, especially those requesting signatures or sensitive actions, should raise immediate suspicion. If you’re unsure, call the sender using a known, trusted phone number (not the one referenced in the email) to verify its legitimacy.
Don’t Ignore the Red Flags
Even if an email comes from a valid DocuSign address, the devil is in the details. A recent phishing attempt posed as the “Indiana Secretary of State,” yet the sender’s email was not from an official in.gov domain. Always double-check sender addresses, message wording, and any links before clicking.


When in Doubt, Proceed With Caution
IT security operates on one golden rule: caution is king. If you suspect an email is fraudulent, don’t engage. A legitimate DocuSign request can always be resent, but if your passwords or personal data are stolen, they can’t be recovered.
How Exact IT Consulting Can Help
We continuously monitor emerging threats and implement security measures to keep you safe. If you ever receive a suspicious email, think before you click! You can always send it to our team for verification before taking action.
Need help securing your business from phishing and cyber threats? Learn about our FREE Email Training!