The UIS Service Desk has noticed an increase in phishing emails targeting people’s work emails. A recent scheme involves sending a DocuSign request.

Please exercise increased caution in your email. If you receive an unexpected DocuSign request, be vigilant. If you don't regularly work with DocuSign documents, you should be skeptical of unexpected DocuSign requests. A key indicator is DocuSign emails that do not have @docusign.net as the sender address. Hovering over a link can reveal whether it misdirects you, as seen in the image below.

If you want to confirm with the person who supposedly sent the document, email them directly and do not reply to the suspicious email. If you suspect an email is a phishing attempt, use the report button in Outlook and avoid clicking the link in the email.

What should I do if I opened a suspicious link or attachment?

Immediately report it as a possible incident to the UIS Service Desk. Visit the Report an Incident web page to learn more.

If you entered your CU credentials when visiting the link, you should change your CU password immediately.

What should I do if I am unsure whether an email is legitimate or a phish?

If something seems suspicious, it probably is. You can forward the email to the Office of Information Security, and we will look into it for you.

Learn more

Visit the Office of Information Security Awareness site to learn more about phishing emails.