Blog courtesy of KnowBe4
Written by Stu Sjouwerman
Earlier this week, DocuSign issued an alert that notified users of a new hacking tool. This tool is imitating DocuSign so then the bad guys can drop malware into victims' systems.
The tool is named "EtterSilent", and it created Microsoft Office documents that contain malicious macros to exploit a known Microsoft Office vulnerability. The alert states, "This activity is from malicious third-party sources and is not coming from the DocuSign platform.”
Check out DocuSign's helpful guide on their website of helpful indicators of compromise here. If your users use DocuSign, it is essential to alert your users of this potential threat so then your organisation can avoid becoming the next victim.
Frequent phishing tests and continual new-school security awareness training can ensure your users are prepared and equipped to respond in situations similar to this. User education is essential for your users to spot and report and suspicious activity.
JD Supra has the full story.
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Here's how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customise the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organisation compares to others in your industry