Attackers Exploit DocuSign API to Send Fraudulent Invoices, Bypassing Security Filters

Attackers are leveraging DocuSign’s API to distribute authentic-looking invoices at scale, exploiting legitimate business channels to bypass traditional security measures. Using paid DocuSign accounts and customized templates, malefactors mimic reputable companies, such as Norton, to send convincing invoices through the platform. Revealed in a blog post by Wallarm, this approach evades phishing filters by omitting […]