Cybercriminals Send False Invoices by Using DocuSign APIs

0
14
Cybercriminals Send False Invoices by Using DocuSign APIs
Cybercriminals Send False Invoices by Using DocuSign APIs

Researchers studying cybersecurity have noticed a rising pattern in which fraudsters use DocuSign APIs to send phoney invoices that look real. These assaults employ real DocuSign accounts and templates to imitate trustworthy firms, eluding security filters and tricking consumers into approving payments, in contrast to classic phishing scams that rely on fake emails with dangerous links.

Beyond Traditional Phishing Tactics

These new assaults directly target trustworthy services, whereas phishing frequently uses emails that imitate reputable businesses in order to steal private information. Attackers have been seen establishing phoney DocuSign accounts and altering templates to mimic requests from well-known businesses, such as Norton Antivirus, according to Wallarm.

Because emails sent from DocuSign’s platform look authentic to email filters and contain no malicious links or attachments, fraudsters can evade detection by using the e-signature service.

Attackers created premium DocuSign accounts so they could ask victims to sign documents using genuine templates and business logos. To look authentic, many of these fake invoices include actual fees and exact product price. Attackers could ask companies or finance departments to pay them directly after victims sign.

User reports detailing these fraudulent operations have increased dramatically in DocuSign community forums over the past five months. These incidents’ consistency points to a highly automated method that enables attackers to send out a lot of invoices with little manual labour.

Cybercriminals can swiftly scale operations and target numerous organisations at once by gaining access to DocuSign’s APIs, especially the Envelopes: build API.

API Exploitation and Security Measures

Despite being beneficial for companies, Wallarm cautioned that DocuSign’s API-friendly design leaves room for misuse by bad actors.

Wallarm security specialists advised organisations to take the following actions to combat these threats:

Check the sender’s credentials: Verify the sender information again, particularly if emails appear dubious.

Need internal consent: Set up multi-step financial transaction authorisation.

Employee education: Spread the word about frauds involving bills that appear genuine.

Keep an eye out for irregularities: Keep an eye out for any unusual fees or requests for invoices.

Wallarm recommended that service providers enforce API rate restrictions, do routine threat modelling, and keep an eye on API activity for odd trends.

Also readViksit Workforce for a Viksit Bharat

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.