Wallarm has unveiled a report where hackers are exploiting DocuSign APIs to send authentically appearing invoices in a new breed of cyber threat. Exploiting trusted platforms like DocuSign through their APIs marks a concerning evolution in cybercriminal strategies. By embedding fraudulent activities within legitimate services, attackers increase their chances of success while making detection more challenging.
While beneficial for businesses, DocuSign’s API-friendly environment inadvertently provides a fertile ground for malicious actors to exploit. With paid accounts and access to official templates, attackers can customize invoices to match the branding of target companies, including unauthorized use of trademarks like Norton’s.
You can read the report here.
Cybercriminals Exploit DocuSign’s APIs to Send Authentic-Looking Invoices
Posted in Commentary with tags Wallarm on November 4, 2024 by itnerdWallarm has unveiled a report where hackers are exploiting DocuSign APIs to send authentically appearing invoices in a new breed of cyber threat. Exploiting trusted platforms like DocuSign through their APIs marks a concerning evolution in cybercriminal strategies. By embedding fraudulent activities within legitimate services, attackers increase their chances of success while making detection more challenging.
While beneficial for businesses, DocuSign’s API-friendly environment inadvertently provides a fertile ground for malicious actors to exploit. With paid accounts and access to official templates, attackers can customize invoices to match the branding of target companies, including unauthorized use of trademarks like Norton’s.
You can read the report here.
Leave a comment »