Hacker Spree of Fake Invoices Stems From Permissive DocuSign APIs
Hackers are using the DocuSign APIs to forge authentic-looking fake invoices for payment backed by the trusted “docusign.net” domain. The term “hacking” is used loosely here as it is something that any paying customer with Envelopes API access could do.