Forcepoint has a report that is literally hot off the press that covers something that I have personally experienced today.
With holiday financial stress peaking, Forcepoint has uncovered a sophisticated two-pronged scam campaign. Scammers are now pairing Docusign-themed phishing to hijack corporate credentials with convincing loan offer spam designed for identity theft.
The first threat uses spoofed ‘wine order’ documents to lure employees into entering logins on fake pages. Simultaneously, ‘Christmas Cheer Cash’ lures use professional marketing layouts to walk victims through a ‘loan application’ that harvests SSNs and bank details. I have received phishing emails matching the description of the first threat. These attacks are effective because they mimic standard end-of-year workflows.
You can get more details here: https://www.forcepoint.com/blog/x-labs/docusign-phishing-holiday-loan-spam
Related
This entry was posted on December 22, 2025 at 4:12 pm and is filed under Commentary with tags Forcepoint X-Labs. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Scam alert: Docusign phishing meets holiday loan scam
Forcepoint has a report that is literally hot off the press that covers something that I have personally experienced today.
With holiday financial stress peaking, Forcepoint has uncovered a sophisticated two-pronged scam campaign. Scammers are now pairing Docusign-themed phishing to hijack corporate credentials with convincing loan offer spam designed for identity theft.
The first threat uses spoofed ‘wine order’ documents to lure employees into entering logins on fake pages. Simultaneously, ‘Christmas Cheer Cash’ lures use professional marketing layouts to walk victims through a ‘loan application’ that harvests SSNs and bank details. I have received phishing emails matching the description of the first threat. These attacks are effective because they mimic standard end-of-year workflows.
You can get more details here: https://www.forcepoint.com/blog/x-labs/docusign-phishing-holiday-loan-spam
Share this:
Like this:
Related
This entry was posted on December 22, 2025 at 4:12 pm and is filed under Commentary with tags Forcepoint X-Labs. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.