Phishing Alert: DocuSign Wire Transfer Scam | Information Technology | University of Pittsburgh

Phishing Alert: DocuSign Wire Transfer Scam

Tuesday, May 9, 2017 - 16:01


Computing Services and Systems Development (CSSD) is responding to a new email phishing scam that claims a wire transfer from DocuSign is ready for your signature. The Subject line of the email typically reads: "Completed: - Wire Transfer Instructions for recipient-name Document Ready for Signature”. The email contains a link to a downloadable Word document that is designed to trick the recipient into running harmful software. 

Before clicking on any documents shared with you, check with the sender personally to confirm that they did indeed share a document with you, especially if it is a document you were not expecting. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to Detailed instructions on reporting scams are available at

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers Malwarebytes Premium for individuals and departments at no cost. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at My Pitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.