The DocuSign service was recently breached and the attackers were able to steal a list of DocuSign users from the site. They are now sending fake DocuSign messages to those users in an attempt to phish for their passwords. While Champlain doesn’t officially support DocuSign, we know that many of our vendors use it to share documents with Champlain faculty and staff.
If you do use DocuSign, be extra vigilant in examining any messages you receive from that service. Some early phishing attempts have links to the “dousign.com” domain (note the lack of a ‘c’ in the name), so the differences can be subtle. Remember not to click on links or attachments that you aren’t expecting. If you do receive a message that looks like a phishing attempt, delete it.
Contact ChampSupport if you have any further questions.