In Wake of Fraudulent DocuSign Emails, How to Recognize The Real Thing

Fraudulent emails with DocuSign attachments have permeated the MCA business in recent weeks. Independent MCA broker and Small Business Banker Paul Kelly told deBanked that he received up to 15 emails over the last few weeks from both Edwin Torres and John Edwards at the MCA company RET Capital. The emails had an attachment that encouraged the reader to “View Document.”

Staff at deBanked also received similar emails from Edwin Torres on January 16 and from John Edwards on January 23. Suspicious of the email, Kelly didn’t open the attachment, which was wise. According to DocuSign’s Trust Center page, people should “not click on attachments within an email requesting your signature. DocuSign emails only contain PDF attachments of completed documents after all parties have signed the document.”

The page lists other signs that may indicate a fraudulent DocuSign email, such as misspellings or conveying extreme urgency.

When we asked Torres if he had intended to send these emails, he said he not. Instead, he said he was the victim of a virus from DocuSign, which was likely hacked, he said.

“This has ruined my life for the past few weeks,” Torres said.

He also urged people not to open the attachment, as he had, which allowed the virus to send emails from his email account. Torres said that other companies in the industry had also been affected by the virus. But he said that his company’s computers had been cleaned for the virus last week and, so far, he hasn’t received any complaints this week.

Todd Stone was a reporter for deBanked.