How can I safely check if a DocuSign request is real?

Do not click the link in the email. Go directly to docusign.com, click 'Access Documents' at the bottom of the page, and enter the security code provided in the email (if it's a real email, a code is always located at the very bottom).

I typed my password into the fake portal. What now?

Contact your company's IT or security team immediately. Change your email password from a safe device and ensure two-factor authentication is active to block attackers from logging in.

Will DocuSign ever send an attachment?

Typically, the document is hosted on the secure DocuSign portal. While senders can choose to attach a PDF copy of a completed document, any email asking you to open an attachment to sign it is highly suspicious.

DocuSign Scam Checker

DocuSign scam checker for fake signature requests.

Got an unexpected email stating you have a document to review and sign via DocuSign? Stop. Scammers use fake DocuSign alerts to steal your email password and infect your computer with malware.

Security Insight

DocuSign is one of the most highly impersonated SaaS brands in Business Email Compromise (BEC). Attackers know professionals are trained to promptly open and sign legal documents without questioning them.

Instant risk analysis

Checks sender identity

No signup required

Check Message on Homepage Read Scam Education

Detecting fake DocuSign alerts

Attackers clone DocuSign's yellow branding perfectly to trick you into entering your credentials. Watch out for these dominant enterprise scam patterns.

The fake login screen

You click 'Review Document', but instead of showing the document, a screen pops up asking you to log in with your Microsoft Office 365 or Google Workspace password.

Malicious file attachments

A real DocuSign notification usually does not contain the actual document as an email attachment. Scammers will attach a ZIP or PDF file containing malware.

Unsolicited HR or Finance forms

The email claims to be an employee handbook update, a new payroll form, or an invoice from an executive that requires your immediate signature.

Hidden sender addresses

The email displays 'DocuSign System' as the name, but hovering over the sender shows a compromised or random email address.

What IsThisSpam checks before you trust a sender

Quick verdicts are useful, but the real value is understanding why something looks safe, uncertain, or risky.

Password prompts to view documents

DocuSign does not require you to enter your corporate email password just to view a document sent to you.

Hovering over the 'Review' button

If the URL visible at the bottom of your screen does not begin exactly with docusign.com or docusign.net, it is a scam.

Generic subject lines

Subjects like 'Please Sign Here' or 'Important Document 1234' with no context about the actual business deal.

Typos and poor formatting

While scammers copy the logo, they often have strange line breaks or grammatical errors in the actual email body.

Related guides

Use the checker for the fast answer, then read the deeper guidance for recurring scam patterns.

Microsoft Scam Checker

DocuSign scams are often a front for Microsoft Office 365 credential harvesting.

Read the guide

Invoice Fraud Checker

Learn more about broader B2B invoice scams and BEC.

Read the guide

FAQ

These are the questions people usually ask right before they click, reply, or pay.

Got a screenshot or attachment? Our AI can analyse it.

Free scan first, deeper analysis when you need it

Check the sender before you trust the message.

Start with a fast scan, then move to SuperScan when the message involves money, account access, or sensitive documents.

Check Message on Homepage Read Scam Education