$0 Elder Scam Shield Quick Start Checklist

DocuSign Scam Emails: How Fraudsters Use Fake Signature Requests to Target Seniors

If your parent has ever received an email saying "You have a document waiting for your signature," they have seen the exact bait that DocuSign scammers use. The emails look convincing — they carry DocuSign's logo, use official-sounding language, and arrive with an urgent subject line. For older adults who may not be familiar with how legitimate document-signing services work, these fakes are extraordinarily difficult to identify.

This post explains exactly how the DocuSign scam works, what the red flags look like, and what you can do today to make your parent harder to fool.

What Is the DocuSign Scam?

DocuSign is a legitimate, widely used service that allows people and businesses to sign documents electronically — mortgage paperwork, insurance forms, lease agreements, and so on. Because DocuSign is trusted and recognized, scammers have built an entire category of phishing attacks around its name and branding.

In a DocuSign phishing scam, the criminal sends an email that appears to be an official DocuSign notification. The email says something like:

  • "You have a document waiting for your review and signature."
  • "Action Required: Your lease renewal is ready to sign."
  • "Final notice: Your account will be suspended if you do not sign within 24 hours."

The email contains a button or link labeled "Review Document." When the recipient clicks it, one of three things happens:

  1. Credential theft: A fake login page captures the recipient's email address and password.
  2. Malware installation: Clicking the link downloads malicious software onto the device.
  3. Information harvesting: A convincing fake form asks for a Social Security number, bank account details, or other personal information under the guise of "identity verification before signing."

None of these outcomes involve any real document. The entire email is engineered to steal.

Why Seniors Are the Primary Target

Adult children often wonder why their parents receive so many of these emails. The answer is deliberate targeting.

Seniors are statistically more likely to own property, have active financial and insurance accounts, and be involved in estate or legal paperwork — all legitimate reasons a real DocuSign notification might arrive. Scammers know this. They also know that many older adults are less familiar with how electronic signatures work, making it harder to distinguish a genuine notification from a fake one.

The emotional pressure built into these emails — "Action Required," "Your document expires today" — is also especially effective against people raised to take correspondence seriously. Where a younger person might roll their eyes at urgency, an older adult may feel genuinely anxious about missing a deadline.

How to Spot a Fake DocuSign Email

Teach your parent these specific red flags. Better yet, walk through their inbox together the next time you visit.

The sender's email address is wrong

Genuine DocuSign emails always come from the domain docusign.net. Look at the full sender address — not just the display name. Scam emails frequently use addresses like:

The display name can say "DocuSign" even when the actual email address is completely unrelated. Your parent must know to look at the full address, not just the name that appears in their inbox.

The link does not go to docusign.com

Before clicking any button in an email, you can hover over it (on a computer) to see where it actually leads. If the destination URL is not docusign.com, it is fraudulent. On a phone, pressing and holding a link will usually show the web address before opening it.

Common fake domains include variations with extra words, hyphens, or different extensions: docusign-verify.co, esign-docuportal.com, or random strings of letters and numbers.

No one sent them a document

This is the simplest test. Ask your parent: "Are you expecting a document to sign?" If the answer is no — no lease, no insurance renewal, no legal paperwork — then the notification is almost certainly fake. Real DocuSign emails are sent because a specific person initiated a signing request. They do not arrive out of nowhere.

It asks for login credentials or personal information

A legitimate DocuSign notification does not ask for your Social Security number, bank account, or password. If clicking a link leads to a page requesting any of this, it is a fraud attempt. Close the browser immediately.

The email has generic language

Real DocuSign emails reference the specific sender — for example, "Johnson & Associates has requested your signature on: Lease Agreement." Scam emails tend to use vague language: "A document is ready for your review." The lack of specific detail about who sent the document and what it concerns is a reliable warning sign.

Free Download

Get the Elder Scam Shield Quick Start Checklist

Everything in this article as a printable checklist — plus action plans and reference guides you can start using today.

What to Do If Your Parent Receives a Suspicious DocuSign Email

Do not click anything

The safest immediate step is to close the email without clicking any links or buttons. Viewing the email itself is generally not dangerous — it is the act of clicking that triggers harm.

Verify independently

If your parent thinks the email might be legitimate — perhaps they are genuinely expecting paperwork — tell them to contact the sender directly using a phone number or email address they already have on file. Do not reply to the suspicious email, and do not call any phone number listed inside it. Call the actual company or person who might have sent the document.

Report it to DocuSign

Forward the suspicious email to [email protected]. DocuSign has a dedicated team that investigates phishing attempts using their brand. Reporting helps them identify and shut down active fraud campaigns.

Run a malware scan if anything was clicked

If your parent already clicked a link, do not panic — but act quickly. Run a full scan using Malwarebytes (free version available) or Windows Defender. Change the password on any accounts where the same password was used. If financial information was entered, contact the bank's fraud department immediately.

Setting Up a Simple Defense

Beyond knowing the red flags, there are two practical changes that reduce exposure for seniors.

Install Malwarebytes Browser Guard. This free browser extension specifically blocks phishing sites, including those impersonating DocuSign and similar services. It works in the background and does not require any action from your parent — if they click a bad link, the extension intercepts it before the page loads.

Enable two-factor authentication on the email account. Most DocuSign phishing attacks ultimately want to access either the email account itself or another account linked to it. If your parent's email has two-factor authentication turned on, even a stolen password cannot be used to log in without the second verification step.

The Bigger Picture

The DocuSign scam is part of a broader category called brand impersonation fraud, where criminals wrap their attacks in the appearance of a trusted company. The same technique is used with UPS delivery notifications, Amazon order confirmations, and IRS refund alerts.

What makes the DocuSign version particularly effective against seniors is the combination of authority (it looks like a real business communication), urgency (signature deadlines), and unfamiliarity (many older adults have less experience with electronic signature services and cannot easily identify what a legitimate notification looks like).

The best protection is helping your parent build a simple habit: before clicking anything in an email, ask one question — "Was I expecting this?" If the answer is no, pick up the phone and check.

Protecting your parent from phishing scams like DocuSign fraud is one piece of a larger puzzle. The Elder Scam Shield guide covers brand impersonation scams, tech support fraud, government impersonation calls, romance scams, and more — with specific scripts for talking to your parent, step-by-step device hardening instructions, and a recovery checklist for the first 24 hours after a scam occurs. It is written for adult children who want to do this right without having to research everything from scratch.

Get the Elder Scam Shield Guide

Get Your Free Elder Scam Shield Quick Start Checklist

Download the Elder Scam Shield Quick Start Checklist — a printable guide with checklists, scripts, and action plans you can start using today.

Learn More →

Related Articles

Types of Medicare Fraud Targeting Seniors: What Every Adult Child Needs to Know Medicare fraud costs the system billions—and it directly harms your parent. Here are the most common schemes, how to spo… Is This a Scam? A Simple Checklist to Help Seniors and Families Decide Not sure if a call, email, or text is a scam? Use this quick checklist to help your elderly parent identify fraud attemp… FBI Warning: Sophisticated Gmail Phishing Attacks Are Targeting Seniors in 2026 The FBI warns of AI-powered Gmail phishing attacks that bypass spam filters and look identical to real emails. Here's ho… Laws Protecting Senior Citizens From Financial Exploitation: What Families Need to Know Federal and state laws protecting seniors from financial fraud and exploitation—from the Senior Safe Act to Adult Protec… How to Talk to Your Parent About a Romance Scam Without Pushing Them Away Confronting an elderly parent about a suspected romance scam is one of the hardest conversations you'll ever have. Here …