eSign Online Spoofs - Phishing Attempts Result -
DANGER Will Robinson!
eSign Online Spoofs, actually are Phishing Attempts.
Responding to them will result in DANGER to your online presence.
If you receive any email SUPPOSEDLY from eSign, check to see if the form address is the normal one - firstname.lastname@example.org.
IF NOT ---- DO NOT CLICK OR RESPOND IN ANY WAY!!!!!
Here's an alert from eSign itself - suggestions for cautionary behavior online. FMLS in Atlanta, GA distributed this letter to members:
"We have been informed of [...] spoofed (fake) eSign email. It looks like a regular eSign email but the FROM address is not our normal and the link is to a bad URL."
A "BAD URL" actually means DANGER !!! DO NOT CLICK to check it out !!!
And the alert from eSign continues:
------- QUOTED IN ITS ENTIRETY -------
"What to look for:
- eSign Session that doesn’t seem real…wasn’t sent by you.
- Look at the FROM email….eSign will never send an email as you, it only sends as email@example.com
- Look at the download document link…mouse over it, all real eSign emails will link to mandrillapp.com first and then esignonline.net
"With the recent cyberattacks, we wanted to send out a courtesy reminder about email spoofing and what to watch for. Email spoofing occurs when an intruder attempts to gain unauthorized access to a user's system or information by pretending to someone else via email. Spoofing is used to trick a user into giving up sensitive information in order to gain access to personal accounts or your computer system.
"eSign emails can also be spoofed (faked). Use these tips to help you and your clients identify real eSign emails:
If an eSign session doesn’t seem legitimate or if you were not expecting an invite, do not open it. Contact the sender immediately if you have any doubts.
"FROM Email Address
Be aware of the from email address. eSign will only send from firstname.lastname@example.org. We will never send an email from your address.
"Mispelled words or domains
Be aware of the from domain which will always be eSignOnline.net. Sometimes scams are sent with a domain that is very similar in spelling. Also check the spelling/grammar of the subject line and body for any mistakes.
All links in eSign emails will link to our SMTP smarthost, Mandrillapp.com, then esignonline.net. You can easily mouse over all signing links or download links to see the URL you will be forwarded to.
eSign will never ask you for any personal information directly. Do not provide your login information or passwords."
PHISHING IS NOT A JOKE!!!
Image for phishing courtesy of Carbonite alert.