DocuSign phishing, NHS COVID vaccine certificate phishing and Spoofing

26 October 2021

Now that all staff and students are on MFA, attackers are finding more and more creative ways to compromise your accounts and the school server.

DocuSign phishing

DocuSign is a widely used e-signature platform, and most of our staff have used it to sign off or review contracts. However, the prevalence of DocuSign phishing is extremely worrying.

Compromising your account by giving your details away only takes one click on a link in a DocuSign phishing email! So, here are a few tips the School’s cyber security team wants you to keep in mind at all times.

  1. Stop and think – Are you expecting to sign a contract? Does the name on the email sound familiar?
  2. If unsure, never click on the link that says “View Document”.
  3. Still unsure? Send the email as an attachment to phishing@lse.ac.uk and we will check the document for you.
  4. Once you’re sure it’s a phishing email, you can report it to Microsoft as phishing under ‘Security Options’ or ‘Report Junk’.

NHS COVID Pass phishing

The number of vaccinated people is slowly rising, and so is NHS COVID Pass phishing. Usually, the tell-tale sign of a vaccine certificate phishing email is that it will charge you money for accessing the certificate.

If you have given away your bank details to a phishing email, please phone your bank immediately to let them know you have been scammed. Please also report your situation to phishing@lse.ac.uk so that necessary steps can be taken to prevent compromises to your LSE account.

Always remember that the NHS COVID Pass is free of charge and can be accessed using the NHS app or the NHS website using NHS login. Learn more about NHS COVID Pass here

Spoofing

Spoofing occurs when a bad actor is impersonating someone you trust or know to elicit a response from you. For instance, a bad actor may be pretending to be your head of department or even a colleague you know. Although spoofing can be done in a multitude of ways, the most common spoofing attempts at LSE are through email.

Here’s an example of a spoofing email. 

We can see it’s a phishing email because the email address is not from an LSE domain. However, the spoofer has cleverly added the correct details of the Professor in the signature to make receivers less suspicious. 

Please note that spoofing emails will always contain words such as hurry, urgent, ASAP, help, which will trick receivers into replying quickly without thinking.   

What to do when you receive spoofing emails?

  1. Don’t engage with the sender. Treat every mail with caution.
  2. Always look at the header information and check the sender’s actual email address, not just the display name. Sometimes, the actual address may be hidden. In these cases, you can follow this guide to view the full message header.
  3. Send the email as an attachment to phishing@lse.ac.uk where we can check the legitimacy of the email for you.
  4. Block the sender.
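
The header check from step 2, together with the urgency words mentioned above, can be expressed as a short script. This is an added example, not the School's own tooling: the sample message is constructed, the names `TRUSTED_DOMAINS`, `domain_of`, `is_trusted` and `triage` are hypothetical, and treating subdomains of lse.ac.uk as trusted is an assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAINS = {"lse.ac.uk"}                      # assumption: the one domain the page names
URGENCY_WORDS = {"hurry", "urgent", "asap", "help"}  # the words listed on the page

# Constructed sample, not a real message: familiar display name and signature,
# but the address behind the name is on an outside domain.
SAMPLE = """\
From: "Prof. Jane Example" <jane.example.lse@mailbox.example>
Reply-To: office.of.prof@inbox.example
To: staff.member@lse.ac.uk
Subject: Urgent - are you available?

I need your help with a task ASAP. Reply to me quickly.

Prof. Jane Example, Department of Examples, LSE
"""

def domain_of(header_value):
    """Lowercased domain of the address inside a From/Reply-To header ('' if none)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def is_trusted(domain):
    """Exact match or subdomain of a trusted domain (lookalike suffixes fail)."""
    return any(domain == d or domain.endswith("." + d) for d in TRUSTED_DOMAINS)

def triage(raw):
    """Return a list of reasons the message deserves a closer look."""
    msg = message_from_string(raw)
    findings = []
    from_dom = domain_of(msg["From"])
    if not is_trusted(from_dom):
        findings.append(f"sender address is on '{from_dom}', not a trusted domain")
    reply_dom = domain_of(msg["Reply-To"])
    if reply_dom and reply_dom != from_dom:
        findings.append(f"replies go to a different domain: '{reply_dom}'")
    parts = [p.get_payload() for p in msg.walk() if not p.is_multipart()]
    text = " ".join([msg["Subject"] or ""] + [p for p in parts if isinstance(p, str)])
    hits = sorted(URGENCY_WORDS & set(re.findall(r"[a-z]+", text.lower())))
    if hits:
        findings.append("urgency wording: " + ", ".join(hits))
    return findings

if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print("-", reason)
```

A message that produces no findings is not thereby proven genuine, because the From header itself can be forged; the script only surfaces the mismatches described above.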