Address leak leads to phishing

A number of people in the industry are reporting getting phishing emails to addresses they used at DocuSign.
There were initial reports of a DocuSign data breach back in December. Now it appears DocuSign is being used as a phishing target.

At 8:40AM PST this morning, 1/24/2013, DocuSign became aware of new malware spam emails that are being sent as if it was coming from the DocuSign service. An example follows immediately below. These emails are not coming from DocuSign and you should not click on any links or attachments therein. They are coming from an unrelated, malicious third party attempting to copy DocuSign’s email branding in the hopes of fooling recipients into opening the email and clicking on links and/or attachments.

This seems to be a widespread phishing attack. Watch your links.

Related Posts

Phishing and trust

Tom Sather has a great post up on the RP Email marketing blog discussing phishing. His point is that phishing lowers the overall trust in email marketing. He lists a number of things marketers should consider doing to counteract that loss of trust.
I rely heavily on the use of tagged addresses to deal with phishing in my own mailbox. If an email doesn’t come to the right address, then it’s immediately tossed as a phish. Unfortunately, as data leaks increase this is becoming less effective as a strategy.

Read More

Return Path partners with Symantec

Today Return Path announced a partnership with Symantec to improve their anti-phishing product. Return Path is incorporating the Symantec Trusted Domain List into their authentication and filtering product to help customers protect their brands. Press Release
Phishing scams affect everyone, and having a brand that is used in phishing can reduce consumer trust in that brand. Protecting brands in email has been one of the more difficult challenges facing the email community. With the adoption of DKIM and DMARC by major brands and ISPs it has become easier to track and address phishing.

Read More

Data Cleansing part 2

In an effort to get a blog post out yesterday before yet another doctor’s appointment I did not do nearly enough research on the company I mentioned selling list cleansing data. As Al correctly pointed out in the comments they are currently listed on the SBL. And when I actually did the research I should have done it was clear this company has a long term history of sending unsolicited email.
Poor research and a quickly written blog post led to me endorsing a company that I absolutely shouldn’t have. And I do apologize for that.
With all that being said, Justin had a great question in the comments of yesterday’s post about data cleansing.

Read More