Is an email from DocuSign or Adobe Sign asking me to review a document safe?
Fake DocuSign and Adobe Sign emails are a common phishing method. Verify the sender domain and log in directly — do not click the email link.
Last reviewed: 1 June 2026
Explanation
Scammers send convincing fake e-signature request emails mimicking DocuSign, Adobe Sign, or HelloSign. The embedded 'Review Document' button leads to a phishing page that captures your login credentials or Microsoft/Google account details. Some fake links also download malware. The emails can look nearly identical to genuine ones, including correct branding and plausible sender names. Always verify by logging into your DocuSign or Adobe Sign account directly in your browser rather than following the link in the email.
Common red flags
- Sender email domain does not match docusign.com or adobe.com exactly
- Urgency about a document expiring in hours
- You were not expecting any document to sign
- Clicking the link asks for your email or Microsoft/Google password
What to do now
- Do not click links in the email — go directly to the service's website
- Check the sender's full email address for misspellings
- If you clicked and entered credentials, change your password immediately
- Report the phishing email to the service and your IT team
Frequently asked questions
How do I tell a real DocuSign email from a fake one?
Real DocuSign emails come from docusign.net or docusign.com. They include a security code you set, and never ask for your password. If in doubt, log in at docusign.com directly.