Is This DocuSign Email a Scam? How to Tell
DocuSign is one of the most-impersonated brands in 2024-2026 according to the APWG, with scammers sending fake document-signature requests that lead to credential-harvesting pages.
Reviewed by the Cautellus team · Last updated May 30, 2026
Think you've received a scam?
Paste a suspicious message, email, or URL into our free AI scanner for instant analysis.
Scan Now — It's FreeCommon DocuSign Scam Types
Example Scam Messages
These are examples of fake messages impersonating DocuSign. Never click links in unsolicited messages.
“DocuSign: Your document is ready to sign. Review at docusign-secure.com”
“DocuSign: 1 document expires in 24h. Sign now: docusign-envelope.online”
Red Flags to Watch For
- Signature request links to non-docusign.net or non-docusign.com domains
- Generic greetings ("Dear Customer") instead of your name
- Urgency language ("expires today", "final notice")
- Requests to sign a document you weren't expecting
- Attached files instead of an in-email "Review Document" button
Real vs. Fake DocuSign — Side by Side
| Signal | Real DocuSign | Fake / Scam |
|---|---|---|
| Sender domain | dse@docusign.net or @docusign.com. | Lookalike like docusign-secure.com, docusign-envelope.online, or a random Gmail address. |
| Review link | Always opens docusign.net (optionally a country subdomain). | Any other domain, shortened URL, or attachment instead of a link. |
| Document context | You know the sender and what you're signing. | Unexpected envelope from someone you don't do business with. |
| Security code | Real emails include an 8-character envelope code you can verify at docusign.com/sign. | No verification code, or the code goes to a fake site. |
Legitimate DocuSign Contact Info
Real DocuSign emails come from dse@docusign.net or dse_NA*@docusign.net. The "Review Document" button always opens docusign.net (with optional country code subdomain). Visit support.docusign.com to verify any envelope by its alphanumeric security code.
Where to Report a DocuSign Scam
If you received or fell for a fake DocuSign message, report it to the authorities below. Reporting helps investigators track these campaigns.
- FTC — reportfraud.ftc.govReport fraud and scams to the U.S. Federal Trade Commission.
- FBI IC3 — ic3.govFile a complaint with the FBI's Internet Crime Complaint Center.
- Cautellus reporting guide →Step-by-step help on who to contact and how to recover.
Live Community Flags
Recently reported DocuSign scam variants from the Cautellus community. Flagged items include deepfake videos, cloned voicemail, and spoofed domains.
Community reporting for DocuSign is launching soon. Submissions will appear here with timestamps and scam-type tags.
Report a DocuSign scam you've received →Related Articles
Other Tech Scams
Think you've received a scam?
Paste a suspicious message, email, or URL into our free AI scanner for instant analysis.
Scan Now — It's Free