Last month, we published an article about a common tactic that uses fake DocuSign emails to trick users into handing over personal information. This month, we take a closer look at the process using WashU’s enterprise (i.e., university-provided) DocuSign service.
When you receive a DocuSign request from a WashU sender, you will receive an email requesting your review of the document. A “Review Document” button will be featured prominently, as pictured below.
A DocuSign email originating from within WashU will also contain the information below. This section includes alternate signing strategies and links to DocuSign help documents.
For your convenience and security, WashU users can access DocuSign using the WUSTL ONE page (one.wustl.edu). This not only allows for easy access to DocuSign without having to enter another set of login credentials, but it also ensures you’re interacting with a legitimate DocuSign request. If you ever doubt the legitimacy of a DocuSign request, don’t click on any links in the email. Simply log into ONE using your WUSTLKey and search for DocuSign in the app menu. You’ll find legitimate DocuSign requests and notifications there. If you frequently use DocuSign, mark the app as a favorite for quick and easy access.
Once you’re logged into DocuSign with your WustlKey, you can view your requests and notifications and complete your signature requests.
Alternatively, you can visit the DocuSign website and log in with your WashU email address. When you enter your WashU email address, DocuSign will take you to our WustlKey login page. If you are already logged into the ONE, you’ll go straight to your DocuSign dashboard page.
On your dashboard, you’ll see any items that require action.
Click on the action items to view details and complete your signature.
As always, remain vigilant when receiving requests for your information, especially when they have a tone of urgency. Using WUSTL ONE to access DocuSign and other important systems allows you to easily avoid clicking on links in phishing emails. Be sure to bookmark ONE and use it anytime, especially when you receive a suspicious request.
For more information about DocuSign as WashU, please visit their website at the following link:
DocuSign – WUSTL Information Technology