Fake DocuSign emails spoof Apple Pay charges
Phishing scams utilizing fake DocuSign emails are circulating, appearing as charges from companies like Apple. These messages often include a receipt, order ID, and support number, which connects victims to scammers instead of legitimate services.
The phishing emails, detailed by Kurt Knutsson from CyberGuy Report Fox News, mimic billing receipts for Apple Pay purchases. They typically claim a subscription charge and prompt recipients to call a number if the charge is unrecognized. Companies like Apple, Netflix, Expedia, or even lawn service companies are spoofed to lend credibility. Some emails feature a “DocuSign” link and security code, suggesting a need to access a file to confirm the transaction.
Neither Apple nor other major companies send billing receipts via DocuSign; this is a key indicator of fraud. Sender addresses often contain subtle character alterations, such as a Cyrillic “B” instead of a standard “B” in words like “Billing,” to bypass spam filters.
The scam aims to provoke a quick reaction from recipients. The email states an Apple Pay account has been charged, providing an order ID, charge amount, and a DocuSign link for a supposed receipt. A listed phone number urges unauthorized charge reporting, but this number connects directly to a scammer impersonating a support agent.
Scammers on the call attempt to convince victims their account is compromised or requires immediate payment reversal. They may request Apple ID, banking details, or card numbers. Some demand victims download remote access software or pay fees for fictitious account protection or reversal services. The goal is to gain account access, steal sensitive data, or initiate fraudulent transactions. These scams combine realistic-looking receipts, official logos, DocuSign links, urgent language, and a seemingly direct phone number for resolution.
Individuals can implement several protective measures:
- Inspect the sender address: Verify that the email originates from an official domain, such as @apple.com. Scammers often use slightly altered addresses.
- Understand company receipt practices: Major services like Apple and Netflix do not use DocuSign for billing statements. Receipts from these companies come directly from the service provider.
- Exercise caution with links and use antivirus: Hover over links in suspicious emails to check the actual web address before clicking. Ensure strong antivirus software is installed on all devices to detect phishing and ransomware.
- Verify transaction history: Instead of trusting email claims, check purchase history directly through official apps (e.g., Apple ID settings for Apple users) to confirm charges.
- Minimize online personal data: Delete unused accounts, limit public social media details, and consider using data removal services. This reduces the information available for scammers to craft targeted attacks.
Data removal services, while potentially costly, actively monitor and erase personal information from numerous websites, reducing the risk of scammers cross-referencing breached data with publicly available details. Phishing scams like the DocuSign Apple Pay ruse are evolving. Skepticism and direct verification through official channels are the best defenses against such tactics, as scammers rely on panic and quick reactions.